Post on 27-Jun-2020

A Data-Centric Approach to Endpoint Security

September 28, 2017

Eric Ogren Senior Analyst, Security 451 Research

Bill Bradley Director of Product Marketing Digital Guardian

About Eric Ogren

• Eric Ogren is a Senior Analyst with the Information Security team. Eric has extensive experience in software development, technology marketing, and as a security industry analyst.

• Eric contributes pragmatic perspectives for security clients on emerging market trends, company and product strategies, differentiated vendor messaging and positioning, and meeting enterprise solution purchase criteria.

• Prior to joining 451 Research, Eric held marketing leadership positions with security vendors such as RSA Security and OKENA, and technology vendors such as Digital Equipment.

About Bill Bradley

• Leads Product Marketing, Data Loss Prevention

• 20 Years of Marketing & Sales Experience: Field Sales, Competitive Analysis, Product Marketing & Management

• Previously at Rapid7 and General Electric

Basic structure for today’s conversation

• Transforming security with the infrastructure
• State of enterprise security
• Evolving to data-centric approaches
• The information security debt

INFORMATION SECURITY: ORGANIZATIONAL DYNAMICS 2017

Average Size and Ratio of Security Team – By Company Size
Information Security Respondents

Q11. How many full time employees (FTEs) does your IT organization currently employ?
Q12. How many full time employees (FTEs) does your organization currently employ that are dedicated to information security tasks?

Average Number of Employees in Information Security:
• 1-999 employees: 5
• 1,000-9,999 employees: 9
• 10,000+ employees: 54

Average Ratio of Security Employees to IT Employees:
• 1-999 employees: 14.1%
• 1,000-9,999 employees: 7.6%
• 10,000+ employees: 11.1%

Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017

Average Ratio of Security Employees to IT Employees – By Industry
Information Security Respondents

• Services: 14.7%
• B2B Software, IT and Computer Services: 14.2%
• Retail: 11.9%
• Healthcare: 10.8%
• Govt/Educ: 10.8%
• Manufacturing: 10.7%
• Finance: 10.5%
• Telecommunications: 9.7%
• Communications, Media and Publishing: 6.1%
• Utilities: 4.1%
• Other: 8.0%

Mean

Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017

Information Security Reporting Chain
Respondents with a Single Information Security Executive Leader in Their Organizations

Q40. Who does the head of Information Security report to?

Percent of sample, Q2 2016 (n=479) / Q2 2017 (n=229):
• CIO, Head of Information Technology: 46.6% / 43.2%
• CEO: 21.9% / 20.1%
• CTO: 5.2% / 8.3%
• Board of Directors: 5.2% / 7.9%
• COO: 4.4% / 7.0%
• CFO: 3.3% / 4.8%
• Chief Risk Officer: 3.8% / 2.6%
• Other: 9.6% / 6.1%

Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017

How did we get here? It all starts with your business

Your Business

How did we get here? Need to bolt on security!

How did we get here? New threats? New products!

We’re catching on to the problems with this picture

• An attack can go anywhere once inside security defenses
• Security teams get bogged down managing all those products and all the data they produce
• Security teams get isolated from the rest of IT and special skills keep us isolated

Top Information Security Concerns – Past 90 Days
Information Security Respondents

Q3. What were your top general information security concerns during the last 90 days? Please select all that apply.

Percent of sample (n = 495):
• Hackers/Crackers with Malicious Intent: 52.5%
• Compliance: 49.1%
• Internal Audit Deficiencies Based on Findings: 31.7%
• Preventing/Detecting Insider Espionage: 19.8%
• Cyber-Warfare: 19.6%
• Other: 7.3%

Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017

Reasons for Implementing Security Projects
Information Security Respondents

Q2. For the top information security projects currently being implemented within your organization, what was the key determinant in their approval?

Percent of sample (n = 495):
• Risk Assessment: 21.6%
• Compliance Requirement: 21.4%
• Business Requirement: 11.1%
• Championed by a Senior Leader (e.g., Sacred Cow): 9.9%
• Driven by Due Diligence (e.g., Customer Requirement): 9.1%
• Audit Response: 8.9%
• Reputational/Brand Risk: 8.7%
• Return on Investment (ROI): 5.5%
• Other: 3.8%

Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017

Top Security Pain Points
Information Security Respondents

Q1. What are your organization’s top information security pain points? Please select up to three.

Percent of sample (n = 495):
• User Behavior: 34.1%
• Organizational Politics/Lack of Attention to Information Security: 21.0%
• Staffing Information Security: 20.6%
• Lack of Budget: 20.4%
• Security Awareness Training (Ineffectiveness or Difficulty): 19.0%
• Accurate, Timely Monitoring of Security Events: 18.4%
• Endpoint Security: 17.2%
• Malicious Software (Malware): 17.0%
• Cloud Security: 16.6%
• Application Security: 16.0%
• Data Loss/Theft: 14.7%
• Mobile Security: 12.1%
• Ransomware: 11.9%
• Third-Party/Supplier Security: 11.7%
• Keeping Up with New Technology: 11.5%
• Firewall/Edge Network Security: 9.3%
• Other: 4.6%

Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017

Metrics To Manage Security
Information Security Respondents

Q44. Which of the following metrics does your organization use/track for information security staff? Please select all that apply.

Percent of sample, Q2 2016 (n=837) / Q2 2017 (n=421):
• Security Incidents Resolved: 53.0% / 47.5%
• Tickets Resolved (e.g., ‘Trouble Tickets’): 42.8% / 39.0%
• Audit Issues Resolved: 44.9% / 34.4%
• Application Availability (e.g., Uptime/Downtime): 34.2% / 34.2%
• Project Completion: 34.4% / 32.3%
• Time to Recovery/Restore from an Outage: 31.2% / 29.2%
• Lack of Data Breaches: 32.4% / 28.3%
• We Don’t Use Metrics: 21.9% / 21.9%
• Other: 2.2% / 4.0%

Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017

Security Analytics
Information Security Respondents

Q16. What’s the status of the use of security analytics in your information security program?
Q17. What has been the key benefit of your use of security analytics?

Security Analytics Status (percent of sample, n = 426):
• In Use: 38.7%
• Planned for the Next 12 Months: 34.7%
• Not In Plan: 26.5%

Key Benefit of Security Analytics (percent of sample, n = 159):
• Better Able To Detect and Address External Attacks: 24.5%
• Better Anomaly Detection on Our Network: 23.9%
• Improved Incident Response/Forensics Evidence Data Capture: 14.5%
• We’re Detecting Security Incidents Not Previously Captured: 13.8%
• Better Ability To Understand and Respond to Anomalous User Behavior: 11.3%
• Better Able To Detect and Address Internal Attacks: 6.3%
• No Benefit: 2.5%
• Other: 3.1%

Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017

Security analytics dimensions

• Data
• Business Network
• User

What are CISOs doing about it?

• Consolidating product portfolios
• Investing in security analytics
• Shifting attention to operations

Staff Increase Reasons
Respondents with Increasing Security Staff

Q15. What are the key reasons for increasing information security focused staff? Please select all that apply.

Percent of sample, Q2 2016 (n=391) / Q2 2017 (n=195):
• Significant Project(s) Driving Additional Demand: 49.6% / 48.7%
• New Skills Are Required: 49.1% / 45.1%
• Overall Business Growth: 44.2% / 40.0%
• IT Organizational Changes (e.g., Restructuring teams): 25.3% / 25.1%
• Company Merger/Acquisition: 9.0% / 7.7%
• Information Security Functions being In-Sourced from a Third-Party Provider or Managed Security Service Provider (MSSP): 10.5% / 7.7%
• Other: 7.2% / 12.3%

Source: 451 Research, Voice of the Enterprise: Information Security, Organizational Dynamics 2017

Thank You!

Smart Consolidation on the Endpoint

Digital Guardian for Data Protection

Triad of Roles

• Incident Responder
• Threat Hunter
• InfoSec Analyst

Triad of Needs

• Response
• Threat
• Data

Myriad Solutions at the Endpoint


WELCOME TO

The Convergence of DLP & EDR

DETECT THREATS STOP DATA THEFT

From Insiders & Outside Attackers

Ransomware, Malware and Non-Malware Based

The Digital Guardian Data Protection Platform

Solutions:
• Data Discovery
• Data Classification
• Data Loss Prevention
• Endpoint Detection & Response
• Cloud Data Protection

Digital Guardian Platform:
• DG Agent(s)
• DG Appliance
• DG Analytics & Reporting Cloud
• DG Management Console

Visibility to All Threats – One Console

• Endpoint, Storage, Cloud, Network
• Data Events, User Events, System Events

Combining system, user and data insights provides the visibility to protect against ALL THREATS.

Enable Your Security Team

Enable Your InfoSec Analysts

Enable Your Incident Responders

Enable Your Threat Hunters

So What?

Enable Business Growth

Questions

Register today for our upcoming webinar:

Insights from the Gartner 2017 Magic Quadrant for Enterprise DLP

October 26, 2017 1PM ET
