IDC RSA Security Breakfast 2018 · Network Network Firewall/UTM Virtualized Firewall ... Firewall...
Transcript of IDC RSA Security Breakfast 2018 · Network Network Firewall/UTM Virtualized Firewall ... Firewall...
IDC RSA Security Breakfast 2018Sean Pike
© IDC
© IDC 2
Are We on Equal Footing Now?
© IDC 3
Resilience and Platform
Cyber Resilience – Security and Business
• The Difference Between Cyber Security and Cyber Resilience
• What resource is right?
US-CERT– A Standard Example
• Ten Practice Domains
• Predates the Cybersecurity Framework
Application – Need for Resilience
• Government
• Critical Infrastructure
• Business
© IDC 4
Digital Transformation Driving Hyper Connectivity
EXTERNAL PROCESSES
ConnectedProcesses
Assets
People
INTERNAL PROCESSES
Mobile
IoT
AR/VR
BOT
API
INTELLIGENTCORE
© IDC 5
The Steep Cost of Transformation
Lessons of Rube GoldbergIn Society
In Business
Key Tenets
Connectivity means • Attack surfaces
• System latitude
• Points-of-failure
© IDC 6
DX for the Resilience Minded Professional
The integration of technology with all aspects of society
Creating interconnected intelligence driven solutions
Integration, Connectivity, Automation, Orchestration
Automatic means • Attack surfaces
• Data integrity
• Disconnection with process
© IDC 7
Increased Burden
© IDC 8
5%
Modified Architecture
2019 Cyber and IT Security Products
Network
Network
Firewall/UTM
Virtualized Firewall
IDS/IPS
Internal Network Analysis
VPN/SSL
Content Inspection
Messaging
Web Content Security
Network Sandboxing
Cloud Security Gateway
Internet Defense
DDoS Mitigation
Web Application Firewall
DNS Security
Certificates
Endpoint
Consumer
Modern Endpoint
Physical Server
Software Defined Compute
Information Protection & Control
Endpoint Management
IAM
& Digital Trust
Advanced Authentication
Identity Management/ Single Sign On (SSO)
Privileged Access Management
Legacy/ Other
B2C Identity Management
Device Identity
AIRO
Analytics & Intelligence
SIEM & Security Analytics
Threat Analytics
Threat Intelligence
Decpetion
Response
Forensics
Policy & Compliance
Security GRC
Orchestration
Vulnerability Assessment & Management
NAC
Orchestration & Automation
Data Security
DLP
Encryption & Data Protection
Database & Storage Tools
DRM
Key Management/ HSM
File Activity Monitoring
PKI
App Sec & DevSecOps
DevSecOps
Application Scanning
API Authentication & Management
Lockboxing
9
Focus on Traditional Network Security Products and Content Inspection
Network
Focus on Cloud specific security solutions and hosted cloud solutions
Cloud
Specifc focus on Penetration Testing, Code Analysis and Securing Software Defined Workload
AppSec & DevSecOps
Focus on differentiating analytic capabilities and platforms
AIRO
Focus on endpoint technologies such as anti-malware and response capabilities
Endpoint
10
Deeper Coverage
Network
11
Go-to-Market