Information Security and Network Structure - Business Café 15/05
1. Notes accompany this presentation. Please select Notes Page view.
These materials can be reproduced only with written approval from Gartner.
Such approvals must be requested via e-mail: vendor.relations@gartner.com.
Gartner is a registered trademark of Gartner, Inc. or its affiliates.
Information Security Technology
and Services
Claudio Neiva
Research Director – Network Security
Claudio.neiva@gartner.com
4. DDoS Attacks Increasing in Size; Frequency of Attacks Is High
Source: Arbor Networks — Worldwide Infrastructure Security Report 2013
[Chart: "Largest Bandwidth Attacks Reported", years 2002 to 2011, vertical axis 0 to 120]
[Chart: "Most Common Motivations Behind DDoS", axis 0 to 50]
5. Phishing e-mails
Phishing e-mails vary in quality, payload, and purpose, but they all share the same initial goal: get the user to take action.
Source: Verizon 2013 security report
6. Likely Impacts
• Loss of availability:
1. Several hours
2. Several days
3. Forever
• Confidentiality failure:
1. Embarrassment
2. Privacy loss, fine and PR damage
3. Loss of competitive advantage
• Data loss:
1. Recoverable in several days
2. Partially corrupted data
3. Never fully recoverable
7. Confidentiality and Accessibility Cannot Be Simultaneously Optimized
• Secrecy and reliability are negatively linked goals
• Time and money can partially raise the overall level of both
[Diagram: trade-off curve between Confidentiality ("nobody can see data") and Accessibility/Availability ("everybody can see data"), with an "optimized" point on the curve]
10. What Is Appropriate Risk?
There is no such thing as "perfect protection"
[Diagram: a spectrum from Low Risk / High Cost / High Maturity to High Risk / Low Cost / Low Maturity, with Manufacturing, Healthcare, Financial Services and Production Engineering placed along it; an arrow labelled "… More risk!" points toward the high-risk end]
Business Model: more customers, more locations, more complexity, more aggressive use of personally identifiable information in marketing, more regulatory scrutiny, …
11. The Nexus of Forces Is Driving Innovation in Government
• Extreme Networking
• Rampant Access
• Global Class Delivery
• Rich Context, Deep Insights
12. Information Security and the Nexus of Forces
[Diagram: security technologies arranged around the Nexus]
• Data Loss Prevention
• Secure Web Gateway
• Risk
• Application Security Testing
• Security Information and Event Management
• Cryptography
• Firewalls
• Managed Security Services
• Intrusion Prevention
• Mobile Security
• Endpoint Protection
• Social Media Security
• Monitoring
• Digital Surveillance
• Identity and Access Management
13. The 4 Phases of BYOD (Device or Disaster?)
Phase 1: Avoid
• Don't Ask, Don't Tell
• Corporate-Owned Devices Only
Phase 2: Accommodate (Focus: Data Protection, Cost)
• BYO Policies
• Formal Mobile Support Roles
• MDM
• NAC
• Limited Support
• Extend Existing Capabilities
Phase 3: Adopt (Focus: Productivity)
• Desktop Virtualization
• Adoption of New Enterprise-Grade Services
• Enterprise App Stores
• Self-Service and P2P Platforms
Phase 4: Assimilate (Realization of the Personal Cloud)
• Context Awareness
• Identity-Aware NAC
• Workspace Aggregators
• "Walk-Up" Services
14. How's This Working for You?
[Timeline 2002 to 2010 to 2018: security moves from being in the control of IT & Operations to being in the control of business units and users]
15. Strategic Planning Assumption
By 2018, 70% of mobile professionals will conduct all of their work on
personal smart devices.
Through 2015, 80% of successful attacks will exploit well-known
vulnerabilities and will be detectable via security monitoring.
By 2020, 75% of enterprises' information security budgets will be
allocated for rapid detection and response approaches, up from less
than 10% in 2012.
16. Can Your Board Handle the Truth?
100% of U.S. public company boards are required annually to disclose their ability to oversee risk, yet …
fewer than 2% of U.S.-based companies, and fewer than 9% of global companies, actually have robust and mature risk oversight practices.
18. Information Security Program Areas
• Information Security
• Privacy
• Risk Management
• Business Continuity Management
• Compliance
• Identity and Access Management
19. Information Security Management Scenario
Identity: Single Sign-On; Auto-provisioning; Hootsuite (social networks)
GRC & Auditing: Vulnerability analysis; Pentest; Internal audit; PCI; Risk management
Legal & Policy: Policy review; Supplier contract; Employee contract
Software: Code audit; Fortify (agile methods); Whitelisting; OS assessment
Endpoint: VPN; NAC; AV, malware & host IPS; DLP & encryption; Internet proxy; AntiSpam
Awareness: E-learning; Hotspots; Educational e-mails; Talks; Specific training
Intel & Operation: SOC; SIEM
Perimeter: IPS; Firewall; Application firewall (WAF); VPN
Information Security Management
Made up of several areas of the company; it is not exclusive to IT. It brings together Information Security and IT, but also users, controllers, audit, HR, Legal, etc.
Security must be present in everyone; the concern must be shared by all.
Security Policy
Documents everyone's responsibilities, the points requiring attention and the necessary controls.
For the controls it defines procedures and checklists for implementation and monitoring.
Perimeter: first barrier (reactive) between the Internet and the internal networks. Network-based.
IPS: blocks volumetric and other attacks
Firewall: performs access control
WAF: shields Web applications
VPN: allows external access as if the user were on the internal network
Software: second barrier (proactive); secure code and applications
Code audit: performed by the security team with an appropriate tool
Fortify: part of the development process with agile deployment
Whitelisting: controls which applications the application server may execute
Assessment: cyclical validation of the application servers against checklists
Endpoint: protection of workstations, notebooks and mobile devices
VPN: allows secure external access
NAC: allows secure internal access
AV, anti-malware, host IPS, DLP and encryption: protect the workstation and the data
Proxy and AntiSpam: protect the user and productivity
User awareness and education
E-learning and educational e-mails with facts and tips
Technology hotspots (leaflets, panels)
Talks and training delivered by the area
Talks and training contracted externally
Identity Management
Single sign-on: automatic login to applications after the Windows login
Auto-provisioning: creation and removal of accounts in a single workflow
Hootsuite: access management for social network profiles
Intelligence and Log Management
SIEM: consolidation of logs and application of security and business rules when correlating the detected events
SOC: specialized team that monitors incidents and performs operational information security tasks
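The SIEM description above (consolidate logs, then apply security and business rules to the correlated events) is easy to state and hard to picture. The following is an added example, not code from the presentation or from any product it mentions: a toy correlator that normalizes constructed log lines from three hypothetical sources (an IPS, a firewall and an authentication service) into one event format and runs three rules over them. Two rules are security rules (an IPS alert on a connection the firewall still allowed; a burst of failed logins followed by a success) and one is a business rule (a successful login outside assumed business hours). All hosts, addresses, thresholds and the 08:00 to 20:00 business window are assumptions chosen for the example.

```python
"""Toy SIEM-style correlation over constructed log lines (added example)."""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events; hosts and addresses are hypothetical.
SAMPLE_LOGS = [
    "2013-05-15T09:01:10 ips alert src=203.0.113.7 dst=10.0.0.5 sig=SQL-INJECTION",
    "2013-05-15T09:01:12 fw allow src=203.0.113.7 dst=10.0.0.5 dport=443",
    "2013-05-15T09:03:40 auth failure user=alice src=203.0.113.7",
    "2013-05-15T09:03:45 auth failure user=alice src=203.0.113.7",
    "2013-05-15T09:03:50 auth failure user=alice src=203.0.113.7",
    "2013-05-15T09:03:55 auth failure user=alice src=203.0.113.7",
    "2013-05-15T09:04:02 auth failure user=alice src=203.0.113.7",
    "2013-05-15T09:04:09 auth success user=alice src=203.0.113.7",
    "2013-05-15T23:30:00 auth success user=bob src=10.0.0.9",
    "2013-05-15T10:00:00 fw allow src=198.51.100.3 dst=10.0.0.5 dport=443",
]

# Common line shape: "<iso-timestamp> <source> <action> key=value ..."
LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<source>\w+) (?P<action>\w+)(?P<fields>(?: \w+=\S+)*)$")

# Assumed rule parameters (tuning values, not taken from the presentation).
BRUTE_FORCE_THRESHOLD = 5
BRUTE_FORCE_WINDOW = timedelta(minutes=5)
IPS_FW_WINDOW = timedelta(seconds=60)
BUSINESS_HOURS = range(8, 20)  # 08:00 to 19:59


def parse_line(line):
    """Normalize one raw line into a dict, or None if it does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    event = {"ts": datetime.fromisoformat(m.group("ts")),
             "source": m.group("source"), "action": m.group("action")}
    for kv in m.group("fields").split():
        key, value = kv.split("=", 1)
        event[key] = value
    return event


def parse_lines(lines):
    """Consolidate lines from all sources into one time-ordered event list."""
    events = [e for e in (parse_line(l) for l in lines) if e]
    events.sort(key=lambda e: e["ts"])
    return events


def rule_ips_alert_allowed(events):
    """Security rule: an IPS alert followed by a firewall allow for the same flow."""
    incidents = []
    for alert in (e for e in events if e["source"] == "ips" and e["action"] == "alert"):
        for e in events:
            if (e["source"] == "fw" and e["action"] == "allow"
                    and e.get("src") == alert.get("src") and e.get("dst") == alert.get("dst")
                    and timedelta(0) <= e["ts"] - alert["ts"] <= IPS_FW_WINDOW):
                incidents.append({"rule": "ips_alert_allowed_by_firewall", "src": alert["src"],
                                  "dst": alert["dst"], "sig": alert.get("sig"), "ts": e["ts"]})
                break
    return incidents


def rule_bruteforce_then_success(events):
    """Security rule: N+ failed logins for (user, src) in a window, then a success."""
    incidents = []
    failures = defaultdict(list)  # (user, src) -> timestamps of recent failures
    for e in events:
        if e["source"] != "auth":
            continue
        key = (e.get("user"), e.get("src"))
        if e["action"] == "failure":
            failures[key].append(e["ts"])
        elif e["action"] == "success":
            recent = [t for t in failures[key] if e["ts"] - t <= BRUTE_FORCE_WINDOW]
            if len(recent) >= BRUTE_FORCE_THRESHOLD:
                incidents.append({"rule": "bruteforce_then_success", "user": key[0],
                                  "src": key[1], "ts": e["ts"], "failures": len(recent)})
            failures[key] = []  # a success closes the window for this pair
    return incidents


def rule_after_hours_login(events):
    """Business rule: successful login outside the assumed business hours."""
    return [{"rule": "after_hours_login", "user": e.get("user"), "src": e.get("src"), "ts": e["ts"]}
            for e in events
            if e["source"] == "auth" and e["action"] == "success"
            and e["ts"].hour not in BUSINESS_HOURS]


RULES = [rule_ips_alert_allowed, rule_bruteforce_then_success, rule_after_hours_login]


def correlate(events):
    """Run every rule over the consolidated events; return incidents in time order."""
    incidents = []
    for rule in RULES:
        incidents.extend(rule(events))
    incidents.sort(key=lambda i: i["ts"])
    return incidents


if __name__ == "__main__":
    for incident in correlate(parse_lines(SAMPLE_LOGS)):
        print(incident)
```

The point of the example is the shape of the pipeline rather than the rules themselves: each source writes a different log format, so normalization into one event schema comes first, and the rules then reason across sources (IPS plus firewall, or authentication alone) and across time windows. A real SIEM adds persistence, streaming evaluation and tuning of the thresholds, but the correlation logic is the same.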
GRC and Audit
Audit, PCI and Risk Management: monitoring of vulnerabilities and management of risks
Vulnerability analysis: manual analysis of all the company's information assets by a specialized consultancy
Pentest: manual intrusion testing of the vulnerabilities found, and input for risk management
Legal and Policy
Cyclical Policy reviews: meetings between key people of the security committee (or similar) to draft and approve Policies
Supplier contract: contract with the security requirements imposed on suppliers of information assets
Employee contract: addendum to the employment contract regulating the use of IT assets
Legend: Implemented / Gap / Revision
Information Security – Framework
20. From Control-Centric Security to People-Centric Security
Control-centric: Policy, Rules, Punishment, Control (applied to People)
People-centric: Rights, Principles, Policy, Responsibilities; Monitor and Educate People
21. Kickin' it old school
• Threat-based
• Tool-focused
• Tactical
• Reactive
• Project-oriented
• Ignored by business
• Take ownership of risk
The new paradigm
• Risk-based
• Process-focused
• Strategic
• Proactive
• Programmatic
• Engaged with business
• Educate about risk
New Goals of Information Security
The function of information security management is to support the business's ability to deliver on its goals in a risk-resilient manner.
From Cost Center to Value-Add
22. Transform: Mapping KRIs and KPIs
[Diagram: a chain of leading indicators across three owners]
CRO/CISO: Key Risk Indicators (Open Incidents, Poor Patching), each a leading indicator that …
CIO: Critical Application Fault in the Supply Chain Support Application, a leading indicator that …
The Business: Negative Impact KPI (Supply Chain Slows), a leading indicator that … Revenue Loss / Miss the Quarter
24. What product and vendor selection tools are appropriate for my enterprise?
25. Gartner Methodologies
Technology Evolution:
• Gartner IT Market Clock: Should you move or wait? Maintain or retire?
• Gartner Hype Cycle: Evaluate risks in emerging and mature markets
Market Overview:
• Gartner MarketScope and Gartner Magic Quadrant: Map providers against business requirements
• Gartner Critical Capabilities: Identify use cases and compare vendors
26. Recommended Gartner Research
• The Structure and Scope of an Effective Information Security Program, Tom Scholtz (G00210133)
• Security Management Strategy Planning Best Practices, Tom Scholtz (G00223694)
• The Security Processes You Must Get Right, Rob McMillan (G00209848)
• Seven Techniques for More Proactive Risk and Security Management, Tom Scholtz (G00224578)
• The Keep-It-Simple Approach for CIO Risk Reporting to the Board, Richard Hunter, French Caldwell (G00211351)
• Introducing Risk-Adjusted Value Management, Paul E. Proctor, Michael Smith (G00225409)
• The Gartner Business Risk Model: A Framework for Integrating Risk and Performance, Paul E. Proctor, Michael Smith (G00214758)
• Information Security and Risk Governance: Forums and Committees, Tom Scholtz, F. Christian Byrnes (G00207477)
For more information, stop by Experience Gartner Research Zone.