Gartner presentation risq dec 2016 jie zhang

CONFIDENTIAL AND PROPRIETARY
This presentation, including any supporting materials, is owned by Gartner, Inc. and/or its affiliates and is for the sole use of the intended Gartner audience or other intended recipients. This presentation may contain
information that is confidential, proprietary or otherwise legally protected, and it may not be further copied, distributed or publicly displayed without the express written permission of Gartner, Inc. or its affiliates.
© 2016 Gartner, Inc. and/or its affiliates. All rights reserved.
Top Security Trends
and Take-Aways
Jie Zhang

1 © 2016 Gartner, Inc. and/or its affiliates. All rights reserved.
Security for the Next Generation of Threat
 A pervasive digital presence is expanding into business, industry
and society
 Once networked, this digital presence substantively alters risk
for digital businesses
 Digital security is the next evolution in cybersecurity
to protect this pervasive digital presence

Security Macro Trends You Face in the Age
of the Pervasive Digital Presence
 Risk and Resilience Seek Balance
 Security Disciplines Converge
 Secure Digital Supply Chain Needs Grow
 Security Skills Options Expand
 Adaptive Security Architecture Embraced
 Data Security Governance Arrives
 Digital Business Drives Digital Security

Risk and Resilience
Seek Balance

Security Moves to an Embedded State in the Organization
 Governance
 Compliance
 Control
 Protection
 Reliability
 Speed
 Assurance
 Transparency
RISK RESILIENCE
Privacy
Safety
Value
Cost

Security Principles for Trust and Resilience
Business Outcomes
Risk-Based
Data Flow
Facilitator
Detect and
Respond
Principle of
Trust and Resilience
People-Centric

Take-Aways for Risk and Resilience Balance
 Revisit the security organizational structure to ensure it reflects
current mission
 Revise the methods used to calculate IT risk to incorporate
new variables and factors
 Refine the security communication and education process to
emphasize agility

Security Disciplines
Converge

Digital Security for the Pervasive Digital Presence
Defense
Offense
Reactive
Proactive
IoT Security
Information Security
IT Security
OT
Security
Physical
Security
You Are Here
Digital Security

"Digital Safety" Becomes a New Force and Responsibility
The CIAS Model of Digital Security
Integrity
Data
People
Environments
Confidentiality
Availability
Safety
Graphics: Can Stock Photo

Take-Aways for Security Convergence
 Establish security governance and
planning relationships with physical
and industrial counterparts
 Improve cross-discipline procurement
methods for security requirements
 Modify security architecture to include
additional layers where required
 Investigate changes in security
management and operations that may
be required to accommodate
convergence

Secure Digital
Supply Chain

Integrated Digital Security for the Supply Chain(s)
SUPPLY
CHAIN
DIGITAL
SUPPLY
CHAIN
DIGITAL SECURITY FOR THE
SUPPLY CHAIN(S)
IoT Security
Information Security
IT Security
OT
Security
Physical
Security
Digital Security

SIEM
Software Asset
Management
Expanding (and Confusing) SaaS Control Add-On Markets
Today's enterprise suffers from coordination frustration.
Encouraging evolution of multicloud, multifunction management consoles.
Activity Threat Control
Archive and Recovery
Cloud Access
Security Broker
EMM
Confidentiality
IDaaS
SaaS
Aggregation
Tool
Mobile Device
Management
Before and During Login
After Login
Service Monitoring
Malware Control

Take-Aways for Securing the Cloud (Supply Chain)
 Develop an enterprise public cloud
strategy.
 Implement and enforce policies
on usage responsibility and cloud
risk acceptance.
 Follow a cloud life cycle
governance approach.
 Develop expertise in the security
and control each cloud
model used.
 Implement technologies to fight
cloud diffusion complexity.
Conduct Risk
Assessment
(decision
establishes
requirements
for technical and
process
controls)
Medium
Exposure
Potential Impact of Security Failure
BusinessContribution
(ValueofService)
Low High
Always Allowed
Low
High
DoNotAllowDoNotAllow

Security Skills
Options Expand

Assess the Most Critical Skills Impacts of Digital Security
Already, Traditional Security Strategies Are Shifting To:
Contextual Security
Monitoring and
Response
Ubiquitous Identity
Management
Data Classes,
Data
Governance
Security
Awareness,
Privacy & Behavior
01011 Embedded
Security
Network
Segmentation,
Engineering
Physical
Security
Automation

Key Take-Aways to Accelerate Skills Generation
and Convergence
 Build a long-term security
workforce plan.
 Make coaching and skills development
first task.
 Embed security skills within
the lines-of-business.
 Change security specialists
to "versatilists."
 Mix traditional and agile
recruitment techniques.
 Evaluate current skills gaps.

Adaptive Security
Architecture Is
Embraced

Software-Defined Everything, Including Security
"Data Plane"
"Control Plane"
APIAPI API API
APIAPI API
Southboun
d APIs
Northboun
d APIs
Layers of Abstraction
API
Platform
APIs
Applications

Respond Detect
Detect incidents
Prevent attacks
Confirm and prioritize risk
Contain incidents
Isolate systems
Predict Prevent
Harden systems
Compliance
Policy
Monitor posture
Adjust
posture
Implement
posture
Adjust posture
Continuous
Visibility and
Verification
Users
Systems
System activity
Payload
Network
Investigate incidents/
retrospective analysis
Remediate
Anticipate threats/
attacks
Risk-prioritized
exposure assessment
Design/Model policy change
Baseline systems
and security
posture
Develop an Adaptive Security Architecture

Threat Intelligence Platforms Allow You to Visualize,
Correlate and Gain Context
Emerging
Threats
Shadowserver
ZeuS
Tracker
Abuse.ch
Open-Source MRTI Feeds
Norse
IID
Cyveillance
Malcovery
Commercial Feeds
GeoIP Malware
Lookup
Domain Tools
Enrichment Services
News RSS
Feeds
Websites
OSINT Sources
Threat Intelligence Platform
Analytics Threat Intelligence
Processing
Visualization
Reporting
Forensics
Threat Intelligence
Sharing
Incident
Response
SOC
Analyst
Fraud Threat
Analyst
Management Malware
Analyst
Help
Desk
People
Process
Circle of
Trust Sharing
Workflow/
Escalation
Communication Fraud
Technology
Secure Web
Gateway
NGFW
IPS/IDS Logs

Take-Aways for Adaptive Security Architecture
 Shift security mindset from "incident
response" to "continuous response"
 Spend less on prevention; invest in detection,
response and predictive capabilities
 Favor context-aware network, endpoint
and application security protection platforms
 Develop a security operations center
 Architect for comprehensive, continuous monitoring at all layers
of the IT stack.

Data Security
Governance Arrives

Develop a Data-Centric Audit and Protection Approach
Activity
Monitoring
Assessment
of Users
and Permissions
User Monitoring
and Auditing
Data Security
Policy
Data Classification
and Discovery Policy
Data Security
Controls
Protection
Analysis and
Reporting
Blocking, Encryption,
Tokenization
and Data Masking

Take-Aways for Data Security Governance
 Prioritize organization-wide data security
governance and policy.
 Identify and implement risk-appropriate
data security controls by data type
where possible.
 Implement a DCAP strategy that includes
disciplined and formal product selection.
 Incorporate big data plans and unique
requirements into security strategy.

Digital Business
Drives Digital
Security

Securing a Pervasive Digital Presence
(the Internet of Things)
Gateways
Things Agents
Analytics
Applications
Data
Cloud Mobile MES,
ERP
Partners
IoT Platform Middleware
Core Business Processes
IoT Edge Processing
CommunicationsIntegration
Integration Communications
 Security requirements:
– Policy creation and management
– Monitoring, detection and response
– Access control and management
– Data protection
– Network segmentation
 Key challenges:
– Scale
– Diversity (age and type)
– Function
– Regulation
– Privacy
– Standardization
Recommendations: Focus on small scenarios. Use risk-based prioritization. Emphasize segmentation and access initially.

Enterprise
Consumer
 Business Disruption
 Espionage and Fraud
 Financial Waste
Cyber Risks and Consequences in an IoT Solution
IoT
Platform
 Platform Hacking
 Data Snooping
and Tampering
 Sabotaging Automation
and Devices
Edge
 Device Impersonation
 Device Hacking
 Device Counterfeiting
 Snooping, Tampering,
Disruption, Damage
Dev. Prod.

IAM Trends of 2015-2016 That Include an Identity
of Things
IAM Program Management
and Governance
(Digital)
Business and Operational Needs
(Digital)
Risk Management and Compliance
Things
People
Apps and
Data
Relationships
Interactions

Take-Aways for Digital Security
 Balance Risk and Resilience
 Make the Security Discipline Decision
 Enhance Digital Security Supply Chains
 Retool Security Skills
 Embrace Adaptive Security Architecture
 Selective Improve Security Infrastructure
 Embrace Data Security Governance

Gartner presentation risq dec 2016 jie zhang

More Related Content

What's hot (20)

Similar to Gartner presentation risq dec 2016 jie zhang (20)

More from ColloqueRISQ (20)

Recently uploaded (20)

Gartner presentation risq dec 2016 jie zhang