SlideShare ist ein Scribd-Unternehmen logo

Big Data is Old School – Endpoint Intelligence is the New Information Security

Unisys Corporation
Unisys Corporation

To learn more about Unisys Stealth visit: http://www.unisys.com/stealth Explore Unisys CISO Dave Frymier's recent presentation from the RSA Conference in San Fransisco. It’s time to let go of intelligence inside the network. Shifting to endpoint intelligence is not only more effective, it’s less costly. This shift can also help organizations immediately identify if information has been compromised.

Technologie
1 von 10
Downloaden Sie, um offline zu lesen
Big Data InfoSec Should Be Dead David Frymier Vice President and CISO, Unisys
Two Big Drivers IT Environment Consumerization of IT • New devices are everywhere; employees will use them – Consumer devices are not generally MS domain aware • Not just about devices—new services on the Internet tunnel port 80 – gotomyPC, logmein – Dropbox • Organizational perimeter crumbling © 2014 Unisys Corporation. All rights reserved. 2
Advanced Persistent Threat • Enters through spam e-mail, bad websites • “Beacons” back to command and control servers – Reports in – Obtains instructions/more malware • Evades anti-malware software • Low and slow • Looks laterally and vertically in network for high value targets • Can be found through beaconing activity Corporate Jewels Enterprise Administration (Active Directory) Departmental infrastructure Random spam Spear phishing Bad web site Botnet C&C © 2014 Unisys Corporation. All rights reserved. 3
Security Monitoring Model – SIEM Current countermeasures Portal Network Security Services Asset Inventory and Vulnerability Scanning Portal Security Incident Management Dashboard & Reports Assets and Vulnerabilities Intrusion Detection & Prevention Network Firewall & VPN Web Content Security Vulnerability Mgmt. Threat & Vulnerablity Alerting Endpoint Security Unisys or Customer Ticketing System Event Correlation Engine Incidents Portal Threat Pattern Database Event Database Response and Remediation Portal Normalization of Element-specific log file data Secure Remote Access Web Application Security Portal Reporting Security Event Monitoring Email Scanning Portal Threat and Vulnerability Alerting Application Security Services Scanner Portal Elementspecific Agents Elementspecific Agents Elementspecific Agents Security Infrastructure; Network Devices; OS, Application and Data Logs Unisys Monitored or Managed Security Elements Customer Managed Security Elements © 2014 Unisys Corporation. All rights reserved. 4
SIEM • It’s mostly after-the-fact • Protects everything the same way • Getting more and more expensive—like big data – Software costs – Storage of all the log and traffic data/meta data – Processing – Network resources to move data from endpoint to SIEM For advanced adversaries, the traditional approach just isn’t working. The New York Times article retrieved from www.nytimes.com © 2014 Unisys Corporation. All rights reserved. 5
How is this possible? • The real world follows the laws of physics— the cyber world follows manmade rules that govern the transfer of data • We forget how young the Internet is; it grew like a weed—without much change in the underlying protocols • Standardization cuts both ways • There are fundamental design flaws – Anonymity and spoofing • Software has bugs This is not going to be fixed quickly. © 2014 Unisys Corporation. All rights reserved. 6
SNOWDEN Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Edward Snowden Interview with Guardian readers, June 2013 © 2014 Unisys Corporation. All rights reserved. 7
What is Unisys Stealth™? • Software, running on Windows and Linux computers • FIPS 140-2 AES-256 certified cryptography module • Provides compartmentalized security by implementing virtual communities of interest (COI) for predetermined endpoint users • Authenticates and authorizes users based on identity, not network topology • Because it executes between the network and link protocol layers, it has no effect on applications or existing networks • Makes systems undiscoverable by attackers • Supports “clear COI” to allow for incremental integration into existing environments 7. Application 6. Presentation 5. Session 4. Transport 3. Network Stealth Shim 2. Link 1. Physical NIC © 2014 Unisys Corporation. All rights reserved. 8
Stealth Application compartmentalization for a Web Application • Because Stealth is software, it can be deployed with: – no network changes (no cabling, no VLAN or LAN changes, no firewall rules) – no application changes— either code or configuration • … and if you chose to install just the data center components, it can be done with: – no end-user impact— or even awareness © 2014 Unisys Corporation. All rights reserved. 9
Thank You David Frymier, Vice President and CISO, Unisys Corporation Questions? Contact: stealth@unisys.com

Empfohlen

SplunkLive Melbourne Splunk for Operational Security Intelligence
SplunkLive Melbourne Splunk for Operational Security Intelligence SplunkLive Melbourne Splunk for Operational Security Intelligence
SplunkLive Melbourne Splunk for Operational Security Intelligence Splunk
 
Information Security
Information SecurityInformation Security
Information SecurityDr. Himanshu Gupta
 
Jack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security MetricsJack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security Metricscentralohioissa
 
Enterprise Security Critical Security Functions version 1.0
Enterprise Security Critical Security Functions version 1.0Enterprise Security Critical Security Functions version 1.0
Enterprise Security Critical Security Functions version 1.0Marc-Andre Heroux
 
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...Skoda Minotti
 
Audit and security application
Audit and security applicationAudit and security application
Audit and security applicationRihab Chebbah
 
SYSTEMS AUDIT
SYSTEMS AUDITSYSTEMS AUDIT
SYSTEMS AUDITArul Nambi
 
Integrating Qualys into the patch and vulnerability management processes
Integrating Qualys into the patch and vulnerability management processesIntegrating Qualys into the patch and vulnerability management processes
Integrating Qualys into the patch and vulnerability management processesVladimir Jirasek
 

Empfohlen

SplunkLive Melbourne Splunk for Operational Security Intelligence
SplunkLive Melbourne Splunk for Operational Security Intelligence SplunkLive Melbourne Splunk for Operational Security Intelligence
SplunkLive Melbourne Splunk for Operational Security Intelligence Splunk
 
Information Security
Information SecurityInformation Security
Information SecurityDr. Himanshu Gupta
 
Jack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security MetricsJack Nichelson - Information Security Metrics - Practical Security Metrics
Jack Nichelson - Information Security Metrics - Practical Security Metricscentralohioissa
 
Enterprise Security Critical Security Functions version 1.0
Enterprise Security Critical Security Functions version 1.0Enterprise Security Critical Security Functions version 1.0
Enterprise Security Critical Security Functions version 1.0Marc-Andre Heroux
 
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...Skoda Minotti
 
Audit and security application
Audit and security applicationAudit and security application
Audit and security applicationRihab Chebbah
 
SYSTEMS AUDIT
SYSTEMS AUDITSYSTEMS AUDIT
SYSTEMS AUDITArul Nambi
 
Integrating Qualys into the patch and vulnerability management processes
Integrating Qualys into the patch and vulnerability management processesIntegrating Qualys into the patch and vulnerability management processes
Integrating Qualys into the patch and vulnerability management processesVladimir Jirasek
 
Build and Information Security Strategy
Build and Information Security StrategyBuild and Information Security Strategy
Build and Information Security StrategyInfo-Tech Research Group
 
Product_Brochure_Sales
Product_Brochure_SalesProduct_Brochure_Sales
Product_Brochure_SalesSarah-Jane Hutchins
 
Drug Registration in GCC (Gulf Cooperation Council) - by Akshay Anand
Drug Registration in GCC (Gulf Cooperation Council) - by Akshay AnandDrug Registration in GCC (Gulf Cooperation Council) - by Akshay Anand
Drug Registration in GCC (Gulf Cooperation Council) - by Akshay AnandAkshay Anand
 
D&C Act 1940 Schedule Y - A Presentation by Akshay Anand
D&C Act 1940 Schedule Y - A Presentation by Akshay AnandD&C Act 1940 Schedule Y - A Presentation by Akshay Anand
D&C Act 1940 Schedule Y - A Presentation by Akshay AnandAkshay Anand
 
Information Security between Best Practices and ISO Standards
Information Security between Best Practices and ISO StandardsInformation Security between Best Practices and ISO Standards
Information Security between Best Practices and ISO StandardsPECB
 
Define an EA Operating Model
Define an EA Operating ModelDefine an EA Operating Model
Define an EA Operating ModelInfo-Tech Research Group
 
Mobile Medical Apps and FDA Regulatory Approach
Mobile Medical Apps and FDA Regulatory ApproachMobile Medical Apps and FDA Regulatory Approach
Mobile Medical Apps and FDA Regulatory ApproachAkshay Anand
 
Personnel Audit: Auditing process
Personnel Audit: Auditing processPersonnel Audit: Auditing process
Personnel Audit: Auditing processShalini Thakur
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability ManagementRisk Analysis Consultants, s.r.o.
 
Framework for a business process management competency centre
Framework for a business process management competency centreFramework for a business process management competency centre
Framework for a business process management competency centreMartin Moore
 
Visual Analytics and Security Intelligence
Visual Analytics and Security IntelligenceVisual Analytics and Security Intelligence
Visual Analytics and Security IntelligenceRaffael Marty
 
Application security models
Application security modelsApplication security models
Application security modelsERSHUBHAM TIWARI
 
Implementing Vulnerability Management
Implementing Vulnerability Management Implementing Vulnerability Management
Implementing Vulnerability Management Argyle Executive Forum
 
TrustedAgent GRC for Vulnerability Management
TrustedAgent GRC for Vulnerability ManagementTrustedAgent GRC for Vulnerability Management
TrustedAgent GRC for Vulnerability ManagementTuan Phan
 
Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...
Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...
Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...Andris Soroka
 
System security
System securitySystem security
System securityReachLocal Services India
 
Elevate™ by Unisys
Elevate™ by UnisysElevate™ by Unisys
Elevate™ by UnisysUnisys Corporation
 
Unisys Integrated Medical Device Management - Executive Brief
Unisys Integrated Medical Device Management - Executive BriefUnisys Integrated Medical Device Management - Executive Brief
Unisys Integrated Medical Device Management - Executive BriefUnisys Corporation
 
Privacy and Security by Design
Privacy and Security by DesignPrivacy and Security by Design
Privacy and Security by DesignUnisys Corporation
 
Digital Generation CPG (German)
Digital Generation CPG (German)Digital Generation CPG (German)
Digital Generation CPG (German)Unisys Corporation
 
Digital Generation CPG UK
Digital Generation CPG UKDigital Generation CPG UK
Digital Generation CPG UKUnisys Corporation
 
SURVEY RESULTS: ACCELERATING INNOVATION AND THE DIGITAL JOURNEY - INFOGRAPHIC
SURVEY RESULTS: ACCELERATING INNOVATION AND THE DIGITAL JOURNEY - INFOGRAPHICSURVEY RESULTS: ACCELERATING INNOVATION AND THE DIGITAL JOURNEY - INFOGRAPHIC
SURVEY RESULTS: ACCELERATING INNOVATION AND THE DIGITAL JOURNEY - INFOGRAPHICUnisys Corporation
 

Weitere ähnliche Inhalte

Andere mochten auch

Drug Registration in GCC (Gulf Cooperation Council) - by Akshay Anand
Drug Registration in GCC (Gulf Cooperation Council) - by Akshay AnandDrug Registration in GCC (Gulf Cooperation Council) - by Akshay Anand
Drug Registration in GCC (Gulf Cooperation Council) - by Akshay AnandAkshay Anand
 
D&C Act 1940 Schedule Y - A Presentation by Akshay Anand
D&C Act 1940 Schedule Y - A Presentation by Akshay AnandD&C Act 1940 Schedule Y - A Presentation by Akshay Anand
D&C Act 1940 Schedule Y - A Presentation by Akshay AnandAkshay Anand
 
Information Security between Best Practices and ISO Standards
Information Security between Best Practices and ISO StandardsInformation Security between Best Practices and ISO Standards
Information Security between Best Practices and ISO StandardsPECB
 
Mobile Medical Apps and FDA Regulatory Approach
Mobile Medical Apps and FDA Regulatory ApproachMobile Medical Apps and FDA Regulatory Approach
Mobile Medical Apps and FDA Regulatory ApproachAkshay Anand
 
Personnel Audit: Auditing process
Personnel Audit: Auditing processPersonnel Audit: Auditing process
Personnel Audit: Auditing processShalini Thakur
 
Framework for a business process management competency centre
Framework for a business process management competency centreFramework for a business process management competency centre
Framework for a business process management competency centreMartin Moore
 
Visual Analytics and Security Intelligence
Visual Analytics and Security IntelligenceVisual Analytics and Security Intelligence
Visual Analytics and Security IntelligenceRaffael Marty
 
Application security models
Application security modelsApplication security models
Application security modelsERSHUBHAM TIWARI
 
Implementing Vulnerability Management
Implementing Vulnerability Management Implementing Vulnerability Management
Implementing Vulnerability Management Argyle Executive Forum
 
TrustedAgent GRC for Vulnerability Management
TrustedAgent GRC for Vulnerability ManagementTrustedAgent GRC for Vulnerability Management
TrustedAgent GRC for Vulnerability ManagementTuan Phan
 
Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...
Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...
Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...Andris Soroka
 

Andere mochten auch (16)

Build and Information Security Strategy
Build and Information Security StrategyBuild and Information Security Strategy
Build and Information Security Strategy
 
Product_Brochure_Sales
Product_Brochure_SalesProduct_Brochure_Sales
Product_Brochure_Sales
 
Drug Registration in GCC (Gulf Cooperation Council) - by Akshay Anand
Drug Registration in GCC (Gulf Cooperation Council) - by Akshay AnandDrug Registration in GCC (Gulf Cooperation Council) - by Akshay Anand
Drug Registration in GCC (Gulf Cooperation Council) - by Akshay Anand
 
D&C Act 1940 Schedule Y - A Presentation by Akshay Anand
D&C Act 1940 Schedule Y - A Presentation by Akshay AnandD&C Act 1940 Schedule Y - A Presentation by Akshay Anand
D&C Act 1940 Schedule Y - A Presentation by Akshay Anand
 
Information Security between Best Practices and ISO Standards
Information Security between Best Practices and ISO StandardsInformation Security between Best Practices and ISO Standards
Information Security between Best Practices and ISO Standards
 
Define an EA Operating Model
Define an EA Operating ModelDefine an EA Operating Model
Define an EA Operating Model
 
Mobile Medical Apps and FDA Regulatory Approach
Mobile Medical Apps and FDA Regulatory ApproachMobile Medical Apps and FDA Regulatory Approach
Mobile Medical Apps and FDA Regulatory Approach
 
Personnel Audit: Auditing process
Personnel Audit: Auditing processPersonnel Audit: Auditing process
Personnel Audit: Auditing process
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Management
 
Framework for a business process management competency centre
Framework for a business process management competency centreFramework for a business process management competency centre
Framework for a business process management competency centre
 
Visual Analytics and Security Intelligence
Visual Analytics and Security IntelligenceVisual Analytics and Security Intelligence
Visual Analytics and Security Intelligence
 
Application security models
Application security modelsApplication security models
Application security models
 
Implementing Vulnerability Management
Implementing Vulnerability Management Implementing Vulnerability Management
Implementing Vulnerability Management
 
TrustedAgent GRC for Vulnerability Management
TrustedAgent GRC for Vulnerability ManagementTrustedAgent GRC for Vulnerability Management
TrustedAgent GRC for Vulnerability Management
 
Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...
Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...
Data Security Solutions - Cyber Security & Security Intelligence - @ Lithuani...
 
System security
System securitySystem security
System security
 

Mehr von Unisys Corporation

Unisys Integrated Medical Device Management - Executive Brief
Unisys Integrated Medical Device Management - Executive BriefUnisys Integrated Medical Device Management - Executive Brief
Unisys Integrated Medical Device Management - Executive BriefUnisys Corporation
 
Privacy and Security by Design
Privacy and Security by DesignPrivacy and Security by Design
Privacy and Security by DesignUnisys Corporation
 
Digital Generation CPG (German)
Digital Generation CPG (German)Digital Generation CPG (German)
Digital Generation CPG (German)Unisys Corporation
 
SURVEY RESULTS: ACCELERATING INNOVATION AND THE DIGITAL JOURNEY - INFOGRAPHIC
SURVEY RESULTS: ACCELERATING INNOVATION AND THE DIGITAL JOURNEY - INFOGRAPHICSURVEY RESULTS: ACCELERATING INNOVATION AND THE DIGITAL JOURNEY - INFOGRAPHIC
SURVEY RESULTS: ACCELERATING INNOVATION AND THE DIGITAL JOURNEY - INFOGRAPHICUnisys Corporation
 
Stealth Secures Along Every Step of Your Journey Infographic
Stealth Secures Along Every Step of Your Journey InfographicStealth Secures Along Every Step of Your Journey Infographic
Stealth Secures Along Every Step of Your Journey InfographicUnisys Corporation
 
DAS DILEMMA MIT DER GENERATION „DIGITAL“
DAS DILEMMA MIT DER GENERATION „DIGITAL“DAS DILEMMA MIT DER GENERATION „DIGITAL“
DAS DILEMMA MIT DER GENERATION „DIGITAL“Unisys Corporation
 
DIE NEUE DIGITALE INFRASTRUKTUR FÜR DIGITALE MITARBEITER DER NÄCHSTEN GENERAT...
DIE NEUE DIGITALE INFRASTRUKTUR FÜR DIGITALE MITARBEITER DER NÄCHSTEN GENERAT...DIE NEUE DIGITALE INFRASTRUKTUR FÜR DIGITALE MITARBEITER DER NÄCHSTEN GENERAT...
DIE NEUE DIGITALE INFRASTRUKTUR FÜR DIGITALE MITARBEITER DER NÄCHSTEN GENERAT...Unisys Corporation
 
STEHEN DIE ENDBENUTZER DER GENERATION „DIGITAL“FÜR DAS ENDE VON IT-TRANSPAREN...
STEHEN DIE ENDBENUTZER DER GENERATION „DIGITAL“FÜR DAS ENDE VON IT-TRANSPAREN...STEHEN DIE ENDBENUTZER DER GENERATION „DIGITAL“FÜR DAS ENDE VON IT-TRANSPAREN...
STEHEN DIE ENDBENUTZER DER GENERATION „DIGITAL“FÜR DAS ENDE VON IT-TRANSPAREN...Unisys Corporation
 
DIE GENERATION DIGITAL UND DIE IT-LÜCKE IN UNTERNEHMEN.
DIE GENERATION DIGITAL UND DIE IT-LÜCKE IN UNTERNEHMEN. DIE GENERATION DIGITAL UND DIE IT-LÜCKE IN UNTERNEHMEN.
DIE GENERATION DIGITAL UND DIE IT-LÜCKE IN UNTERNEHMEN.Unisys Corporation
 
Digital Gen: Hybrid IT Infographic
Digital Gen: Hybrid IT Infographic Digital Gen: Hybrid IT Infographic
Digital Gen: Hybrid IT Infographic Unisys Corporation
 
Digital Gen: Security Infographic
Digital Gen: Security InfographicDigital Gen: Security Infographic
Digital Gen: Security InfographicUnisys Corporation
 
Digital Gen: End User Services Infographic
Digital Gen: End User Services InfographicDigital Gen: End User Services Infographic
Digital Gen: End User Services InfographicUnisys Corporation
 
​​Unisys Stealth(cloud)™ for Azure Infographic
​​Unisys Stealth(cloud)™ for Azure Infographic​​Unisys Stealth(cloud)™ for Azure Infographic
​​Unisys Stealth(cloud)™ for Azure InfographicUnisys Corporation
 
Managed Security Services Infographic
Managed Security Services InfographicManaged Security Services Infographic
Managed Security Services InfographicUnisys Corporation
 
Unisys Stealth Industries Infographic
Unisys Stealth Industries InfographicUnisys Stealth Industries Infographic
Unisys Stealth Industries InfographicUnisys Corporation
 
Digital Generation Infographic
Digital Generation InfographicDigital Generation Infographic
Digital Generation InfographicUnisys Corporation
 

Mehr von Unisys Corporation (20)

Elevate™ by Unisys
Elevate™ by UnisysElevate™ by Unisys
Elevate™ by Unisys
 
Unisys Integrated Medical Device Management - Executive Brief
Unisys Integrated Medical Device Management - Executive BriefUnisys Integrated Medical Device Management - Executive Brief
Unisys Integrated Medical Device Management - Executive Brief
 
Privacy and Security by Design
Privacy and Security by DesignPrivacy and Security by Design
Privacy and Security by Design
 
Digital Generation CPG (German)
Digital Generation CPG (German)Digital Generation CPG (German)
Digital Generation CPG (German)
 
Digital Generation CPG UK
Digital Generation CPG UKDigital Generation CPG UK
Digital Generation CPG UK
 
SURVEY RESULTS: ACCELERATING INNOVATION AND THE DIGITAL JOURNEY - INFOGRAPHIC
SURVEY RESULTS: ACCELERATING INNOVATION AND THE DIGITAL JOURNEY - INFOGRAPHICSURVEY RESULTS: ACCELERATING INNOVATION AND THE DIGITAL JOURNEY - INFOGRAPHIC
SURVEY RESULTS: ACCELERATING INNOVATION AND THE DIGITAL JOURNEY - INFOGRAPHIC
 
Unisys Client 360
Unisys Client 360Unisys Client 360
Unisys Client 360
 
Stealth Secures Along Every Step of Your Journey Infographic
Stealth Secures Along Every Step of Your Journey InfographicStealth Secures Along Every Step of Your Journey Infographic
Stealth Secures Along Every Step of Your Journey Infographic
 
DAS DILEMMA MIT DER GENERATION „DIGITAL“
DAS DILEMMA MIT DER GENERATION „DIGITAL“DAS DILEMMA MIT DER GENERATION „DIGITAL“
DAS DILEMMA MIT DER GENERATION „DIGITAL“
 
DIE NEUE DIGITALE INFRASTRUKTUR FÜR DIGITALE MITARBEITER DER NÄCHSTEN GENERAT...
DIE NEUE DIGITALE INFRASTRUKTUR FÜR DIGITALE MITARBEITER DER NÄCHSTEN GENERAT...DIE NEUE DIGITALE INFRASTRUKTUR FÜR DIGITALE MITARBEITER DER NÄCHSTEN GENERAT...
DIE NEUE DIGITALE INFRASTRUKTUR FÜR DIGITALE MITARBEITER DER NÄCHSTEN GENERAT...
 
STEHEN DIE ENDBENUTZER DER GENERATION „DIGITAL“FÜR DAS ENDE VON IT-TRANSPAREN...
STEHEN DIE ENDBENUTZER DER GENERATION „DIGITAL“FÜR DAS ENDE VON IT-TRANSPAREN...STEHEN DIE ENDBENUTZER DER GENERATION „DIGITAL“FÜR DAS ENDE VON IT-TRANSPAREN...
STEHEN DIE ENDBENUTZER DER GENERATION „DIGITAL“FÜR DAS ENDE VON IT-TRANSPAREN...
 
DIE GENERATION DIGITAL UND DIE IT-LÜCKE IN UNTERNEHMEN.
DIE GENERATION DIGITAL UND DIE IT-LÜCKE IN UNTERNEHMEN. DIE GENERATION DIGITAL UND DIE IT-LÜCKE IN UNTERNEHMEN.
DIE GENERATION DIGITAL UND DIE IT-LÜCKE IN UNTERNEHMEN.
 
Digital Gen: Hybrid IT Infographic
Digital Gen: Hybrid IT Infographic Digital Gen: Hybrid IT Infographic
Digital Gen: Hybrid IT Infographic
 
Digital Gen Infographic
Digital Gen InfographicDigital Gen Infographic
Digital Gen Infographic
 
Digital Gen: Security Infographic
Digital Gen: Security InfographicDigital Gen: Security Infographic
Digital Gen: Security Infographic
 
Digital Gen: End User Services Infographic
Digital Gen: End User Services InfographicDigital Gen: End User Services Infographic
Digital Gen: End User Services Infographic
 
​​Unisys Stealth(cloud)™ for Azure Infographic
​​Unisys Stealth(cloud)™ for Azure Infographic​​Unisys Stealth(cloud)™ for Azure Infographic
​​Unisys Stealth(cloud)™ for Azure Infographic
 
Managed Security Services Infographic
Managed Security Services InfographicManaged Security Services Infographic
Managed Security Services Infographic
 
Unisys Stealth Industries Infographic
Unisys Stealth Industries InfographicUnisys Stealth Industries Infographic
Unisys Stealth Industries Infographic
 
Digital Generation Infographic
Digital Generation InfographicDigital Generation Infographic
Digital Generation Infographic
 

Kürzlich hochgeladen

SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 

Kürzlich hochgeladen (20)

SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 

Big Data is Old School – Endpoint Intelligence is the New Information Security

  • 1. Big Data InfoSec Should Be Dead David Frymier Vice President and CISO, Unisys
  • 2. Two Big Drivers IT Environment Consumerization of IT • New devices are everywhere; employees will use them – Consumer devices are not generally MS domain aware • Not just about devices—new services on the Internet tunnel port 80 – gotomyPC, logmein – Dropbox • Organizational perimeter crumbling © 2014 Unisys Corporation. All rights reserved. 2
  • 3. Advanced Persistent Threat • Enters through spam e-mail, bad websites • “Beacons” back to command and control servers – Reports in – Obtains instructions/more malware • Evades anti-malware software • Low and slow • Looks laterally and vertically in network for high value targets • Can be found through beaconing activity Corporate Jewels Enterprise Administration (Active Directory) Departmental infrastructure Random spam Spear phishing Bad web site Botnet C&C © 2014 Unisys Corporation. All rights reserved. 3
  • 4. Security Monitoring Model – SIEM Current countermeasures Portal Network Security Services Asset Inventory and Vulnerability Scanning Portal Security Incident Management Dashboard & Reports Assets and Vulnerabilities Intrusion Detection & Prevention Network Firewall & VPN Web Content Security Vulnerability Mgmt. Threat & Vulnerablity Alerting Endpoint Security Unisys or Customer Ticketing System Event Correlation Engine Incidents Portal Threat Pattern Database Event Database Response and Remediation Portal Normalization of Element-specific log file data Secure Remote Access Web Application Security Portal Reporting Security Event Monitoring Email Scanning Portal Threat and Vulnerability Alerting Application Security Services Scanner Portal Elementspecific Agents Elementspecific Agents Elementspecific Agents Security Infrastructure; Network Devices; OS, Application and Data Logs Unisys Monitored or Managed Security Elements Customer Managed Security Elements © 2014 Unisys Corporation. All rights reserved. 4
  • 5. SIEM • It’s mostly after-the-fact • Protects everything the same way • Getting more and more expensive—like big data – Software costs – Storage of all the log and traffic data/meta data – Processing – Network resources to move data from endpoint to SIEM For advanced adversaries, the traditional approach just isn’t working. The New York Times article retrieved from www.nytimes.com © 2014 Unisys Corporation. All rights reserved. 5
  • 6. How is this possible? • The real world follows the laws of physics— the cyber world follows manmade rules that govern the transfer of data • We forget how young the Internet is; it grew like a weed—without much change in the underlying protocols • Standardization cuts both ways • There are fundamental design flaws – Anonymity and spoofing • Software has bugs This is not going to be fixed quickly. © 2014 Unisys Corporation. All rights reserved. 6
  • 7. SNOWDEN Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Edward Snowden Interview with Guardian readers, June 2013 © 2014 Unisys Corporation. All rights reserved. 7
  • 8. What is Unisys Stealth™? • Software, running on Windows and Linux computers • FIPS 140-2 AES-256 certified cryptography module • Provides compartmentalized security by implementing virtual communities of interest (COI) for predetermined endpoint users • Authenticates and authorizes users based on identity, not network topology • Because it executes between the network and link protocol layers, it has no effect on applications or existing networks • Makes systems undiscoverable by attackers • Supports “clear COI” to allow for incremental integration into existing environments 7. Application 6. Presentation 5. Session 4. Transport 3. Network Stealth Shim 2. Link 1. Physical NIC © 2014 Unisys Corporation. All rights reserved. 8
  • 9. Stealth Application compartmentalization for a Web Application • Because Stealth is software, it can be deployed with: – no network changes (no cabling, no VLAN or LAN changes, no firewall rules) – no application changes— either code or configuration • … and if you chose to install just the data center components, it can be done with: – no end-user impact— or even awareness © 2014 Unisys Corporation. All rights reserved. 9
  • 10. Thank You David Frymier, Vice President and CISO, Unisys Corporation Questions? Contact: stealth@unisys.com