Transcription
Advancedcyber-threatsneed advancedsolutionsAndy HerringtonDarren ThomsonDRAFT0 Copyright FUJITSU 2017
DRAFT1
DRAFT2
DRAFT3
DRAFT4
Sector SpecificsAutomotiveManufacturingRetail & FinanceHealthcareUtilitiesConsumer Services Telematics In-vehicleentertainment Navigation Safety services Conciergeservices Remotediagnostics Personalizedinsurance Supply chainmanagement Geo-fencing Machinediagnostics Inventory control Industrialautomationcontrol Equipmentmonitoring Smart payments,cards Point of Saleterminals ATM Vending machinemonitoring Digital signageand electronicbillboards Home healthcareand hospitalpatientmonitoring Remotetelemedicine &physicianconsultation Body sensormonitoring Meter reading Industrialcontrols Pro-active alerts Smart Gridapplications Remotetemperaturecontrol Smart homeappliances Connected home Video feedmonitoringDRAFT5
Applications and Data Are Moving to The CloudMicrosoftOffice 365AmazonWeb ServicesBoxSalesforceDRAFTAzure6
Privacy Most Important When CustomersChoose Products or ServicesDRAFTKeeping your data safe and secure88%Delivering quality products / services86%Delivering great customer service82%Treating their employees and suppliers fairly69%Being environmentally friendly56%7
Consumer Trust and Technology69%Organisations whosebusiness models are basedon data (tech companiesand social mediacompanies) appear lesstrusted to keep customerdata completely secure66%Data Trust Chain45%22%20%10%Hospitals / nies (i.e.Google, Microsoft)8Retailers (Includingonline shops)Social media sites(i.e. Facebook,Twitter)
9Cloud Security ConsiderationsEnsure Governance andComplianceProtect CloudInteractionsPublic / IaaSProtect InformationPublic / PaaSProtect & ManageInfrastructureDRAFTPrivate9Public / SaaS
It’s all good, it’s all under control DRAFT10
. mostlyDRAFT11
What should the focus be – objectivity“It’s all about organisational objectives . but it always has been”The object is still to be more successful than your competitors. It’s justthat the ecosystems have evolved out of all recognition: Organisational complexityPermeabilityPaceLoss of direct controlBarriers to entry for challengers loweredOpportunities for changeThe risk surface is expanding and there is no sign it is about to let upanytime soon.DRAFT12
Next Gen Threat – is it new and improved?Old World – one of the below usually cock-up or attackNon-maliciousExternalInternalMalicious Accidental Pen test(Wrong IP block entry) Accidental serviceprovider take-down Failure of service provision External attacks to penetrateExternal attacks to disruptReputational attacksRansom / BlackmailPhishingBusiness E-mail Fraud Mistake Out of band /out of policy /out of procedure change Upstream take down /changeaffecting otherdependent systems Vendetta! Disgruntled employee Legitimate insider routefor malicious intent Paid to share / reveal BlackmailNew World – all of the above plus hostile presenceDRAFT13
Taking a different approachDRAFT14
Enterprise & Cyber SecurityIntegrated Cyber Defence stURLManagedPKIMessagingCloud WebProtectionCloudFileThird Party EcosystemVIPIdentityEndpoint CloudCloudDLPCloud SandboxDataCenter SecurityCASBEncryptionCyber SecurityServicesOn PremisesSOC WorkbenchWeb lyticsData CenterSecurityManagementPerformanceMalware AnalysisComplianceAdvanced Threat ProtectionSIEM IntegrationDRAFT15Symantec and Fujitsutogether deliverIntelligence LedSecurity
How Fujitsu can helpAdvisory Consulting Services Independent, objective advice to support ourcustomers in understanding securityrequirements and setting the strategy toaddress them. Consultants discuss Business problems and workwith you to define enhanced Business solutionsaddressing security needsTechnical Professional Services Architect, design and implementation ofThird Party Alliance Partner Securitytechnologies.DRAFT16
What does this look like?Paradox: Going faster over unknown ground ‘Build it in’ we are getting to the point where it is not possible to ‘bolt it on’ Orchestration knowing when to take greater care and integrating activities Dynamic . Expect to change plan for change Hygiene & Resilience sensible cleanliness and ‘business immune systems’ Looking for the needle in the stack of needles Biomimicry and the rise of the machinesMost important - the ability to take a step back and gain a further levelof context to the decision making process.DRAFT17
DRAFT18
Innovation for the Cloud GenerationCloud BreachAnalysisComplications ofCloud AdoptionCloud SandboxProviderCloudData EncryptionProviderCloudDLP Provider Who Owns theComprehensiveService Level Agreements Single Pane of Glass? Redundancy & HighAvailability?CloudWeb GatewayProviderCloud DDoSUBA Vendor Compatibility?Cloud Forensic /RecordingCloudAccess ControlProviderCloud EmailScanningIndustry Has Created Cloud Security ChaosDRAFT19
Gaining Control of the CloudVisibility know what is running / stored where Authentication ensure only right users can access the right apps/data Data Protection safeguard my data everywhere and at all times Secure Environment ensure the environment is protected from malware and advanced threats Adaptive Security security stays in-sync and scales with my constantly changing Cloudenvironment Automation be able to automatically apply the right security with minimal humanintervention manage my complex hybrid world from single control point Ease of UseDRAFT20
Building An Integrated Cyber Defence PlatformFor The Cloud GenerationDRAFT21
LEndpointCloudCloudSecure tectionEDRDRAFT22
LCLOUDON PREMISESEndpointCloudCloudSecure EDR23
OUDON PREMISESURLThird PartysEndpointCloudCloudSecure EM IntegrationDRAFT24
itelistFileCLOUDURLThird PartysEmailSecurityCloudSecure WebGatewayON PREMISESSOC lIntelligenceEndpointProtectionEDRSIEM IntegrationDRAFT25
Integrated Cyber Defence rtificateWhitelistFileCLOUDURLThird PartysCloudSecure loudSandboxDataCenterSecurityCASBEncryptionCloud DataProtectionWebsiteSecurityON PREMISESSOC yticsData CenterSecurityIT ysisComplianceManagementWeb ApplicationFirewallAdvanced ThreatProtectionRiskInsightSecure MailGatewaySIEM IntegrationDRAFT26
Innovation for the Cloud Generation:Protecting Against Advanced Threats – Global Intelligence NetworkDiscovered12,000 new unique piecesof malware last yearCloudapplicationsdiscovered andprotected430 million1 Billionpreviously unseenweb requestsscanned daily2 Billion1Bemails scanned perdaymalicious emailsstopped last year175M100Msocial engineeringscams blockedlast yearDRAFTCloud Global IntelligenceSourced From:182Mweb attacksblocked last yearConsumer andEnterprise endpointsprotected9 global threatresponse centerswith3000Researchersand Engineers27
Ensuring Safe Cloud UsageHeadquartersData CenterRegionalOfficeRoamingUsersPersonal DevicesIOT DevicesCopyright 2017 Symantec Corporation28
DRAFT29
Symantec and Fujitsu together deliver Intelligence Led Security . DLP CASB Managed PKI Messaging Data Center Security Cloud Sandbox Cyber Security Services Encryption Endpoint Compliance Advanced Threat Protection Encrypted Traffic Management DLP Security . Gateway Email Security Third Partys S D. DRAFT 25 Secure Web Gateway Cyber Security
