SlideShare ist ein Scribd-Unternehmen logo

Security Summit July 2009

Shahar Geiger Maor
Shahar Geiger Maor

PC Magazine security summit, July 2009

TechnologieBusiness
1 von 28
Downloaden Sie, um offline zu lesen
Your Text here Your Text here Shahar Geiger Maor shahar@stki.info Visit My Blog: http://shaharmaor.blogspot.com/ 1
Agenda 1 Downturn Economics 2 Communication CISOs Agenda Your Text here Your Text here 3 Technologies (NAC, DCS, IAM SIEM) Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 2
Israeli Information Technology Market Size Your Text here Market here 2008: Your Text size 4.645 B$ Market size 2009: 4.063 B$ Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 3
IT Market Share (%) by Industry Your Text here Your Text here Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 4
Israeli Information Security Market Size GRC and Security market size (Ms of $) Your Text here 2008 2009 Your Text here 2010 Governance & Risk Management (also BCP) 35.0 42% 50.0 50% 75.0 Security (projects) 95.0 -10.53% 85.0 11.76% 95.0 Security (Software) 90.0 -5.56% 85.0 -5.88% 80.0 Total 220 0% 220 14% 250 Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 5
Security Budgeting Difficulties – The Market is Under Stress Although most 2009 72% expect additional security budgets are set downward revisions during (89% surveyed) the remainder of the year Your Text here Your Text here 65% of security vendors are 53% of vendors are providing discounts for new reducing maintenance fees products purchases Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 6
Vendor Discounting in Response to Buyer Request Your Text here Your Text here Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 7
Security Budgeting Difficulties – Downturn Mechanism Longer POC Your Text here Longer Your Text here sale cycle Vendor bottom line turns red Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 8
More Optimism about Security Spending 45% 40% 35% 30% 25% Your Text here Your Text here IT Spending 20% Sec Spending 15% 10% 5% 0% > -10% -10% to -5% -5%% to 5% 5% to 10% 10+% Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 9
What’s on the CISO’s Agenda? (STKI Madad 2008-2009) Network DLP Hardening Market Players 5% 4% 3% 5% Access GRC 18% 5% Miscellaneous EPS/Anti x 6% Your Text here Your Text here 14% NAC DB Protection WAF & Apps 6% 7% 11% Management Trends 8% 8% Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 10
What’s on the CISO’s Agenda? (STKI Madad March-June 2009) Sec Tools SIEM/SOC EPS 5% 5% 5% DB/DC SEC Encryption 18% 9% Access/Authenti Market/Trends cation Your Text here Your Text here 10% 15% NAC Miscellaneous 10% DLP 15% 10% Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 11
What’s on the CISO’s Agenda? Financial sector: • Access and DLP: Mobile Security, OTP, Data Obfuscation Governmental agencies and subsidiaries: • NAC, IDM High-Tech and Services: Your Text here Your Text here • Virtualization, Cloud Computing, EPS and mobility Cross-sector: • SIEM-SOC, Application Security and methodologies Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 12
Security Staffing Ratios Organization Type Ratios of Security Personnel (Israel) Average Public Sector 0.15% of Total Users Your Text here Your Text here “Sensitive” Public Sector 0.5% of Total Users Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 13
Technologies Categorization 2009 Business Value Investment to make money Remote Access Cut costs, Increase Manage Sec. productivity IAM/IDM Services IT Project Business SSO Cloud Project App. Your Text here Anti Your Text here Sec. DLP Size of figure = Commodity IT X Mobile complexity/ EPS SIEM/SOC Sec. Services cost of project DB Vir. Network NAC Sec. Sec. Security Investment for regulations GRC Using Implementing Looking Market Maturity Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 14
Network Access Control Your Text here Your Text here Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 15
NAC Insights NAC has not been “fully digested” by Israeli customers in 2008. There should be more activity in 2009 NAC can be deployed less expensively when it is an embedded feature of an existing vendor and customers take notice of it Some network and security vendors alreadyText here Your Text here Your have solutions that can be part of the NAC process  Israeli customers first priority: network visibility and guest network control Network or Security? NAC is a Layer 2 vs. Layer 3 match Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 16
Data Centric Security Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 17
Data Centric Approach Your Text here Your Text here “Business of Security” – Security “perimeter security” is built into the business process Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 18
Data Centric Security Arena DLP ERM Database Encryption Protection EPS Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 19
DLP –Market Status DLP Deployments Status -Israel 1Q09 Solution Deployed 20% Your Text here PlanYour Text here to Deploy Not "There" Yet Soon 60% 20% Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 20
Identity & Access Management (IDM/IAM) Your Text here Your Text here Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 21
IDM/IAM Savings Your Text here Your Text here Source: http://blogs.technet.com/mcs-ireland-infrastructure/default.aspx Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 22
Key Success Factors for Future IDM Project Consider IDM also as a business project, rather than a pure IT project Make sure the project bridges the gap between business and IT  StartYour Text here easier success (Single Signhere a small for Your Text On, vertical project)  Choose a step-by-step approach, rather than a mastodon implementation. Focus on basic functionalities not on the additional features Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 23
Security Information and Event Management Your Text here Your Text here 24
Silos of Redundant Information Management Your Text here Your Text here Source: Network Intelligence Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 25
An Enterprise Platform for Compliance and Security Your Text here Your Text here SIEM Source: Network Intelligence Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 26
SIEMSOC “Round Table” Insights How to “sell” SIEM project to your organization Knowing when NOT to start a project Reporting Systems, Logging and parsing “Tracing the events” (real-time?) Who defines what is “risk”? How to translate it to HD? Your Text here Your Text here Maintenance and operations: What does it take? Outsourced SOC (must be taken under consideration) Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 27
Your Text here Your Text here Shahar Geiger Maor VP & Senior Analyst shahar@stki.info 28

Empfohlen

Piaggio Group - Strategic Plan 2010-2013
Piaggio Group - Strategic Plan 2010-2013Piaggio Group - Strategic Plan 2010-2013
Piaggio Group - Strategic Plan 2010-2013PIAGGIO GROUP INVESTOR RELATIONS
 
Primeros Auxilios 3
Primeros Auxilios 3Primeros Auxilios 3
Primeros Auxilios 3Sistematizacion De la Enseñanza
 
Summit 2011 trends in information security
Summit 2011 trends in information securitySummit 2011 trends in information security
Summit 2011 trends in information securityShahar Geiger Maor
 
Stki Summit 2010 Infra Services V8
Stki Summit 2010 Infra Services V8Stki Summit 2010 Infra Services V8
Stki Summit 2010 Infra Services V8Shahar Geiger Maor
 
Information security stki summit 2012-shahar geiger maor
Information security stki summit 2012-shahar geiger maorInformation security stki summit 2012-shahar geiger maor
Information security stki summit 2012-shahar geiger maorShahar Geiger Maor
 
כנס אבטחת מידע מוטו תקשורת V2
כנס אבטחת מידע מוטו תקשורת V2כנס אבטחת מידע מוטו תקשורת V2
כנס אבטחת מידע מוטו תקשורת V2Shahar Geiger Maor
 
STKI Summit 2009 -Infrastructure Services Trends
STKI Summit 2009 -Infrastructure Services TrendsSTKI Summit 2009 -Infrastructure Services Trends
STKI Summit 2009 -Infrastructure Services TrendsShahar Geiger Maor
 
E Mail Security Solution Industry Report PowerPoint Presentation Slides
E Mail Security Solution Industry Report PowerPoint Presentation SlidesE Mail Security Solution Industry Report PowerPoint Presentation Slides
E Mail Security Solution Industry Report PowerPoint Presentation SlidesSlideTeam
 

Empfohlen

Piaggio Group - Strategic Plan 2010-2013
Piaggio Group - Strategic Plan 2010-2013Piaggio Group - Strategic Plan 2010-2013
Piaggio Group - Strategic Plan 2010-2013PIAGGIO GROUP INVESTOR RELATIONS
 
Primeros Auxilios 3
Primeros Auxilios 3Primeros Auxilios 3
Primeros Auxilios 3Sistematizacion De la Enseñanza
 
Summit 2011 trends in information security
Summit 2011 trends in information securitySummit 2011 trends in information security
Summit 2011 trends in information securityShahar Geiger Maor
 
Stki Summit 2010 Infra Services V8
Stki Summit 2010 Infra Services V8Stki Summit 2010 Infra Services V8
Stki Summit 2010 Infra Services V8Shahar Geiger Maor
 
Information security stki summit 2012-shahar geiger maor
Information security stki summit 2012-shahar geiger maorInformation security stki summit 2012-shahar geiger maor
Information security stki summit 2012-shahar geiger maorShahar Geiger Maor
 
כנס אבטחת מידע מוטו תקשורת V2
כנס אבטחת מידע מוטו תקשורת V2כנס אבטחת מידע מוטו תקשורת V2
כנס אבטחת מידע מוטו תקשורת V2Shahar Geiger Maor
 
STKI Summit 2009 -Infrastructure Services Trends
STKI Summit 2009 -Infrastructure Services TrendsSTKI Summit 2009 -Infrastructure Services Trends
STKI Summit 2009 -Infrastructure Services TrendsShahar Geiger Maor
 
E Mail Security Solution Industry Report PowerPoint Presentation Slides
E Mail Security Solution Industry Report PowerPoint Presentation SlidesE Mail Security Solution Industry Report PowerPoint Presentation Slides
E Mail Security Solution Industry Report PowerPoint Presentation SlidesSlideTeam
 
Networking stki summit 2012 -shahar geiger maor
Networking stki summit 2012 -shahar geiger maorNetworking stki summit 2012 -shahar geiger maor
Networking stki summit 2012 -shahar geiger maorShahar Geiger Maor
 
DLP Trends -Dec 2010
DLP Trends -Dec 2010DLP Trends -Dec 2010
DLP Trends -Dec 2010Shahar Geiger Maor
 
Trends In Infrastructure Services
Trends In Infrastructure ServicesTrends In Infrastructure Services
Trends In Infrastructure ServicesAriel Evans
 
Akamai -- Analysis and Recommendation
Akamai -- Analysis and RecommendationAkamai -- Analysis and Recommendation
Akamai -- Analysis and RecommendationRoss Andrew Simons
 
297727851 getting-to-the-cloud-event-2015
297727851 getting-to-the-cloud-event-2015297727851 getting-to-the-cloud-event-2015
297727851 getting-to-the-cloud-event-2015Inbalraanan
 
Infrastructure Services Market 2009
Infrastructure Services Market 2009Infrastructure Services Market 2009
Infrastructure Services Market 2009Dr. Jimmy Schwarzkopf
 
E Mail Protection Industry Report Template PowerPoint Presentation Slides
E Mail Protection Industry Report Template PowerPoint Presentation SlidesE Mail Protection Industry Report Template PowerPoint Presentation Slides
E Mail Protection Industry Report Template PowerPoint Presentation SlidesSlideTeam
 
Idc Saa S Pricing Briefing 061709
Idc Saa S Pricing Briefing 061709Idc Saa S Pricing Briefing 061709
Idc Saa S Pricing Briefing 061709TammyMathews
 
IT governance / Office of the CIO - Short version - Galit STKI Summit 2009
IT governance / Office of the CIO - Short version - Galit STKI Summit 2009IT governance / Office of the CIO - Short version - Galit STKI Summit 2009
IT governance / Office of the CIO - Short version - Galit STKI Summit 2009Galit Fein
 
PCI Challenges
PCI ChallengesPCI Challenges
PCI ChallengesShahar Geiger Maor
 
Summit 2011 trends in infrastructure services
Summit 2011 trends in infrastructure servicesSummit 2011 trends in infrastructure services
Summit 2011 trends in infrastructure servicesShahar Geiger Maor
 
Office of the CIO 2009
Office of the CIO 2009Office of the CIO 2009
Office of the CIO 2009Dr. Jimmy Schwarzkopf
 
IT Governance/Office of the CIO Trends Stki Summit 2009
IT Governance/Office of the CIO Trends Stki Summit 2009IT Governance/Office of the CIO Trends Stki Summit 2009
IT Governance/Office of the CIO Trends Stki Summit 2009Galit Fein
 
E Mail Security Industry Overview And Implementation Report PowerPoint Presen...
E Mail Security Industry Overview And Implementation Report PowerPoint Presen...E Mail Security Industry Overview And Implementation Report PowerPoint Presen...
E Mail Security Industry Overview And Implementation Report PowerPoint Presen...SlideTeam
 
Endpoints stki summit 2012-shahar geiger maor
Endpoints stki summit 2012-shahar geiger maorEndpoints stki summit 2012-shahar geiger maor
Endpoints stki summit 2012-shahar geiger maorShahar Geiger Maor
 
AI-Driven Networks: Leveling Up Network Management
AI-Driven Networks: Leveling Up Network ManagementAI-Driven Networks: Leveling Up Network Management
AI-Driven Networks: Leveling Up Network ManagementEnterprise Management Associates
 
Mdm 2009 trends
Mdm 2009 trendsMdm 2009 trends
Mdm 2009 trendsEinat Shimoni
 
Data security in cloud
Data security in cloudData security in cloud
Data security in cloudInterop
 
Office of the CIO Trends 2010
Office of the CIO Trends 2010Office of the CIO Trends 2010
Office of the CIO Trends 2010gueste25c51c
 
Office of the CIO Trends 2010
Office of the CIO Trends 2010Office of the CIO Trends 2010
Office of the CIO Trends 2010Galit Fein
 
Cyber economics v2 -Measuring the true cost of Cybercrime
Cyber economics v2 -Measuring the true cost of CybercrimeCyber economics v2 -Measuring the true cost of Cybercrime
Cyber economics v2 -Measuring the true cost of CybercrimeShahar Geiger Maor
 
From creeper to stuxnet
From creeper to stuxnetFrom creeper to stuxnet
From creeper to stuxnetShahar Geiger Maor
 

Weitere ähnliche Inhalte

Ähnlich wie Security Summit July 2009

Networking stki summit 2012 -shahar geiger maor
Networking stki summit 2012 -shahar geiger maorNetworking stki summit 2012 -shahar geiger maor
Networking stki summit 2012 -shahar geiger maorShahar Geiger Maor
 
Trends In Infrastructure Services
Trends In Infrastructure ServicesTrends In Infrastructure Services
Trends In Infrastructure ServicesAriel Evans
 
Akamai -- Analysis and Recommendation
Akamai -- Analysis and RecommendationAkamai -- Analysis and Recommendation
Akamai -- Analysis and RecommendationRoss Andrew Simons
 
297727851 getting-to-the-cloud-event-2015
297727851 getting-to-the-cloud-event-2015297727851 getting-to-the-cloud-event-2015
297727851 getting-to-the-cloud-event-2015Inbalraanan
 
E Mail Protection Industry Report Template PowerPoint Presentation Slides
E Mail Protection Industry Report Template PowerPoint Presentation SlidesE Mail Protection Industry Report Template PowerPoint Presentation Slides
E Mail Protection Industry Report Template PowerPoint Presentation SlidesSlideTeam
 
Idc Saa S Pricing Briefing 061709
Idc Saa S Pricing Briefing 061709Idc Saa S Pricing Briefing 061709
Idc Saa S Pricing Briefing 061709TammyMathews
 
IT governance / Office of the CIO - Short version - Galit STKI Summit 2009
IT governance / Office of the CIO - Short version - Galit STKI Summit 2009IT governance / Office of the CIO - Short version - Galit STKI Summit 2009
IT governance / Office of the CIO - Short version - Galit STKI Summit 2009Galit Fein
 
Summit 2011 trends in infrastructure services
Summit 2011 trends in infrastructure servicesSummit 2011 trends in infrastructure services
Summit 2011 trends in infrastructure servicesShahar Geiger Maor
 
IT Governance/Office of the CIO Trends Stki Summit 2009
IT Governance/Office of the CIO Trends Stki Summit 2009IT Governance/Office of the CIO Trends Stki Summit 2009
IT Governance/Office of the CIO Trends Stki Summit 2009Galit Fein
 
E Mail Security Industry Overview And Implementation Report PowerPoint Presen...
E Mail Security Industry Overview And Implementation Report PowerPoint Presen...E Mail Security Industry Overview And Implementation Report PowerPoint Presen...
E Mail Security Industry Overview And Implementation Report PowerPoint Presen...SlideTeam
 
Endpoints stki summit 2012-shahar geiger maor
Endpoints stki summit 2012-shahar geiger maorEndpoints stki summit 2012-shahar geiger maor
Endpoints stki summit 2012-shahar geiger maorShahar Geiger Maor
 
Data security in cloud
Data security in cloudData security in cloud
Data security in cloudInterop
 
Office of the CIO Trends 2010
Office of the CIO Trends 2010Office of the CIO Trends 2010
Office of the CIO Trends 2010gueste25c51c
 
Office of the CIO Trends 2010
Office of the CIO Trends 2010Office of the CIO Trends 2010
Office of the CIO Trends 2010Galit Fein
 

Ähnlich wie Security Summit July 2009 (20)

Networking stki summit 2012 -shahar geiger maor
Networking stki summit 2012 -shahar geiger maorNetworking stki summit 2012 -shahar geiger maor
Networking stki summit 2012 -shahar geiger maor
 
DLP Trends -Dec 2010
DLP Trends -Dec 2010DLP Trends -Dec 2010
DLP Trends -Dec 2010
 
Trends In Infrastructure Services
Trends In Infrastructure ServicesTrends In Infrastructure Services
Trends In Infrastructure Services
 
Akamai -- Analysis and Recommendation
Akamai -- Analysis and RecommendationAkamai -- Analysis and Recommendation
Akamai -- Analysis and Recommendation
 
297727851 getting-to-the-cloud-event-2015
297727851 getting-to-the-cloud-event-2015297727851 getting-to-the-cloud-event-2015
297727851 getting-to-the-cloud-event-2015
 
Infrastructure Services Market 2009
Infrastructure Services Market 2009Infrastructure Services Market 2009
Infrastructure Services Market 2009
 
E Mail Protection Industry Report Template PowerPoint Presentation Slides
E Mail Protection Industry Report Template PowerPoint Presentation SlidesE Mail Protection Industry Report Template PowerPoint Presentation Slides
E Mail Protection Industry Report Template PowerPoint Presentation Slides
 
Idc Saa S Pricing Briefing 061709
Idc Saa S Pricing Briefing 061709Idc Saa S Pricing Briefing 061709
Idc Saa S Pricing Briefing 061709
 
IT governance / Office of the CIO - Short version - Galit STKI Summit 2009
IT governance / Office of the CIO - Short version - Galit STKI Summit 2009IT governance / Office of the CIO - Short version - Galit STKI Summit 2009
IT governance / Office of the CIO - Short version - Galit STKI Summit 2009
 
PCI Challenges
PCI ChallengesPCI Challenges
PCI Challenges
 
Summit 2011 trends in infrastructure services
Summit 2011 trends in infrastructure servicesSummit 2011 trends in infrastructure services
Summit 2011 trends in infrastructure services
 
Office of the CIO 2009
Office of the CIO 2009Office of the CIO 2009
Office of the CIO 2009
 
IT Governance/Office of the CIO Trends Stki Summit 2009
IT Governance/Office of the CIO Trends Stki Summit 2009IT Governance/Office of the CIO Trends Stki Summit 2009
IT Governance/Office of the CIO Trends Stki Summit 2009
 
E Mail Security Industry Overview And Implementation Report PowerPoint Presen...
E Mail Security Industry Overview And Implementation Report PowerPoint Presen...E Mail Security Industry Overview And Implementation Report PowerPoint Presen...
E Mail Security Industry Overview And Implementation Report PowerPoint Presen...
 
Endpoints stki summit 2012-shahar geiger maor
Endpoints stki summit 2012-shahar geiger maorEndpoints stki summit 2012-shahar geiger maor
Endpoints stki summit 2012-shahar geiger maor
 
AI-Driven Networks: Leveling Up Network Management
AI-Driven Networks: Leveling Up Network ManagementAI-Driven Networks: Leveling Up Network Management
AI-Driven Networks: Leveling Up Network Management
 
Mdm 2009 trends
Mdm 2009 trendsMdm 2009 trends
Mdm 2009 trends
 
Data security in cloud
Data security in cloudData security in cloud
Data security in cloud
 
Office of the CIO Trends 2010
Office of the CIO Trends 2010Office of the CIO Trends 2010
Office of the CIO Trends 2010
 
Office of the CIO Trends 2010
Office of the CIO Trends 2010Office of the CIO Trends 2010
Office of the CIO Trends 2010
 

Mehr von Shahar Geiger Maor

Cyber economics v2 -Measuring the true cost of Cybercrime
Cyber economics v2 -Measuring the true cost of CybercrimeCyber economics v2 -Measuring the true cost of Cybercrime
Cyber economics v2 -Measuring the true cost of CybercrimeShahar Geiger Maor
 
Risk, regulation and data protection
Risk, regulation and data protectionRisk, regulation and data protection
Risk, regulation and data protectionShahar Geiger Maor
 
STKI Mobile brainstorming -MDM Panel
STKI Mobile brainstorming -MDM PanelSTKI Mobile brainstorming -MDM Panel
STKI Mobile brainstorming -MDM PanelShahar Geiger Maor
 
Cloud Security CISO club -April 2011 v2
Cloud Security CISO club -April 2011 v2Cloud Security CISO club -April 2011 v2
Cloud Security CISO club -April 2011 v2Shahar Geiger Maor
 
Infrastructure Trends -Jan 2010
Infrastructure Trends -Jan 2010Infrastructure Trends -Jan 2010
Infrastructure Trends -Jan 2010Shahar Geiger Maor
 
Info Sec C T O Forum Nov 2009 V1
Info Sec C T O Forum Nov 2009 V1Info Sec C T O Forum Nov 2009 V1
Info Sec C T O Forum Nov 2009 V1Shahar Geiger Maor
 
Trends In The Israeli Information Security Market 2008
Trends In The Israeli Information Security Market 2008Trends In The Israeli Information Security Market 2008
Trends In The Israeli Information Security Market 2008Shahar Geiger Maor
 
Trends in the World and Israeli Green Data Centers (2008)
Trends in the World and Israeli Green Data Centers (2008)Trends in the World and Israeli Green Data Centers (2008)
Trends in the World and Israeli Green Data Centers (2008)Shahar Geiger Maor
 
Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008
Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008
Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008Shahar Geiger Maor
 
Green IT Trends in Israel July 2008
Green IT Trends in Israel July 2008Green IT Trends in Israel July 2008
Green IT Trends in Israel July 2008Shahar Geiger Maor
 

Mehr von Shahar Geiger Maor (19)

Cyber economics v2 -Measuring the true cost of Cybercrime
Cyber economics v2 -Measuring the true cost of CybercrimeCyber economics v2 -Measuring the true cost of Cybercrime
Cyber economics v2 -Measuring the true cost of Cybercrime
 
From creeper to stuxnet
From creeper to stuxnetFrom creeper to stuxnet
From creeper to stuxnet
 
Mobile payment v3
Mobile payment v3Mobile payment v3
Mobile payment v3
 
Risk, regulation and data protection
Risk, regulation and data protectionRisk, regulation and data protection
Risk, regulation and data protection
 
STKI Mobile brainstorming -MDM Panel
STKI Mobile brainstorming -MDM PanelSTKI Mobile brainstorming -MDM Panel
STKI Mobile brainstorming -MDM Panel
 
Social Sec infosec -pptx
Social Sec infosec -pptxSocial Sec infosec -pptx
Social Sec infosec -pptx
 
Cloud Security CISO club -April 2011 v2
Cloud Security CISO club -April 2011 v2Cloud Security CISO club -April 2011 v2
Cloud Security CISO club -April 2011 v2
 
Cloud security v2
Cloud security v2Cloud security v2
Cloud security v2
 
Infrastructure Trends -Jan 2010
Infrastructure Trends -Jan 2010Infrastructure Trends -Jan 2010
Infrastructure Trends -Jan 2010
 
Info Sec C T O Forum Nov 2009 V1
Info Sec C T O Forum Nov 2009 V1Info Sec C T O Forum Nov 2009 V1
Info Sec C T O Forum Nov 2009 V1
 
Green Security
Green SecurityGreen Security
Green Security
 
IPv6
IPv6IPv6
IPv6
 
Trends In The Israeli Information Security Market 2008
Trends In The Israeli Information Security Market 2008Trends In The Israeli Information Security Market 2008
Trends In The Israeli Information Security Market 2008
 
Trends in the World and Israeli Green Data Centers (2008)
Trends in the World and Israeli Green Data Centers (2008)Trends in the World and Israeli Green Data Centers (2008)
Trends in the World and Israeli Green Data Centers (2008)
 
Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008
Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008
Trends in the Israeli Infrastructure Services/STKI Summit -Update June 2008
 
Green IT Trends in Israel July 2008
Green IT Trends in Israel July 2008Green IT Trends in Israel July 2008
Green IT Trends in Israel July 2008
 
Round Tables Summary
Round Tables SummaryRound Tables Summary
Round Tables Summary
 
Green IT Trends in Israel
Green IT Trends in IsraelGreen IT Trends in Israel
Green IT Trends in Israel
 
Round Tables: Summary
Round Tables: SummaryRound Tables: Summary
Round Tables: Summary
 

Kürzlich hochgeladen

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 

Kürzlich hochgeladen (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

Security Summit July 2009

  • 1. Your Text here Your Text here Shahar Geiger Maor shahar@stki.info Visit My Blog: http://shaharmaor.blogspot.com/ 1
  • 2. Agenda 1 Downturn Economics 2 Communication CISOs Agenda Your Text here Your Text here 3 Technologies (NAC, DCS, IAM SIEM) Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 2
  • 3. Israeli Information Technology Market Size Your Text here Market here 2008: Your Text size 4.645 B$ Market size 2009: 4.063 B$ Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 3
  • 4. IT Market Share (%) by Industry Your Text here Your Text here Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 4
  • 5. Israeli Information Security Market Size GRC and Security market size (Ms of $) Your Text here 2008 2009 Your Text here 2010 Governance & Risk Management (also BCP) 35.0 42% 50.0 50% 75.0 Security (projects) 95.0 -10.53% 85.0 11.76% 95.0 Security (Software) 90.0 -5.56% 85.0 -5.88% 80.0 Total 220 0% 220 14% 250 Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 5
  • 6. Security Budgeting Difficulties – The Market is Under Stress Although most 2009 72% expect additional security budgets are set downward revisions during (89% surveyed) the remainder of the year Your Text here Your Text here 65% of security vendors are 53% of vendors are providing discounts for new reducing maintenance fees products purchases Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 6
  • 7. Vendor Discounting in Response to Buyer Request Your Text here Your Text here Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 7
  • 8. Security Budgeting Difficulties – Downturn Mechanism Longer POC Your Text here Longer Your Text here sale cycle Vendor bottom line turns red Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 8
  • 9. More Optimism about Security Spending 45% 40% 35% 30% 25% Your Text here Your Text here IT Spending 20% Sec Spending 15% 10% 5% 0% > -10% -10% to -5% -5%% to 5% 5% to 10% 10+% Source: http://metrosite.files.wordpress.com/2008/06/information_security_spending_survey_2009.pdf Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 9
  • 10. What’s on the CISO’s Agenda? (STKI Madad 2008-2009) Network DLP Hardening Market Players 5% 4% 3% 5% Access GRC 18% 5% Miscellaneous EPS/Anti x 6% Your Text here Your Text here 14% NAC DB Protection WAF & Apps 6% 7% 11% Management Trends 8% 8% Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 10
  • 11. What’s on the CISO’s Agenda? (STKI Madad March-June 2009) Sec Tools SIEM/SOC EPS 5% 5% 5% DB/DC SEC Encryption 18% 9% Access/Authenti Market/Trends cation Your Text here Your Text here 10% 15% NAC Miscellaneous 10% DLP 15% 10% Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 11
  • 12. What’s on the CISO’s Agenda? Financial sector: • Access and DLP: Mobile Security, OTP, Data Obfuscation Governmental agencies and subsidiaries: • NAC, IDM High-Tech and Services: Your Text here Your Text here • Virtualization, Cloud Computing, EPS and mobility Cross-sector: • SIEM-SOC, Application Security and methodologies Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 12
  • 13. Security Staffing Ratios Organization Type Ratios of Security Personnel (Israel) Average Public Sector 0.15% of Total Users Your Text here Your Text here “Sensitive” Public Sector 0.5% of Total Users Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 13
  • 14. Technologies Categorization 2009 Business Value Investment to make money Remote Access Cut costs, Increase Manage Sec. productivity IAM/IDM Services IT Project Business SSO Cloud Project App. Your Text here Anti Your Text here Sec. DLP Size of figure = Commodity IT X Mobile complexity/ EPS SIEM/SOC Sec. Services cost of project DB Vir. Network NAC Sec. Sec. Security Investment for regulations GRC Using Implementing Looking Market Maturity Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 14
  • 15. Network Access Control Your Text here Your Text here Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 15
  • 16. NAC Insights NAC has not been “fully digested” by Israeli customers in 2008. There should be more activity in 2009 NAC can be deployed less expensively when it is an embedded feature of an existing vendor and customers take notice of it Some network and security vendors alreadyText here Your Text here Your have solutions that can be part of the NAC process  Israeli customers first priority: network visibility and guest network control Network or Security? NAC is a Layer 2 vs. Layer 3 match Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 16
  • 17. Data Centric Security Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 17
  • 18. Data Centric Approach Your Text here Your Text here “Business of Security” – Security “perimeter security” is built into the business process Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 18
  • 19. Data Centric Security Arena DLP ERM Database Encryption Protection EPS Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 19
  • 20. DLP –Market Status DLP Deployments Status -Israel 1Q09 Solution Deployed 20% Your Text here PlanYour Text here to Deploy Not "There" Yet Soon 60% 20% Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 20
  • 21. Identity & Access Management (IDM/IAM) Your Text here Your Text here Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 21
  • 22. IDM/IAM Savings Your Text here Your Text here Source: http://blogs.technet.com/mcs-ireland-infrastructure/default.aspx Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 22
  • 23. Key Success Factors for Future IDM Project Consider IDM also as a business project, rather than a pure IT project Make sure the project bridges the gap between business and IT  StartYour Text here easier success (Single Signhere a small for Your Text On, vertical project)  Choose a step-by-step approach, rather than a mastodon implementation. Focus on basic functionalities not on the additional features Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 23
  • 24. Security Information and Event Management Your Text here Your Text here 24
  • 25. Silos of Redundant Information Management Your Text here Your Text here Source: Network Intelligence Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 25
  • 26. An Enterprise Platform for Compliance and Security Your Text here Your Text here SIEM Source: Network Intelligence Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 26
  • 27. SIEMSOC “Round Table” Insights How to “sell” SIEM project to your organization Knowing when NOT to start a project Reporting Systems, Logging and parsing “Tracing the events” (real-time?) Who defines what is “risk”? How to translate it to HD? Your Text here Your Text here Maintenance and operations: What does it take? Outsourced SOC (must be taken under consideration) Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 27
  • 28. Your Text here Your Text here Shahar Geiger Maor VP & Senior Analyst shahar@stki.info 28