HP Enterprise Services Client Presentation - Division of Homeland

© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.

HP Enterprise Services Speaker’s name / Day/ Month, 2012

Managing Data Explosion Samuel Chun June 5, 2013


© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 2

Agenda

• Introduction • “Tectonic Shifts” in Enterprise Computing • The Coming Data Explosion • Security in the age of Free Data • 2013 “CISO 100” Tour • Challenges and Solutions for MDE • Questions and Answers


695,000 status updates

98,000+ tweets

698,445 Google searches

1,820TB of data created

11million instant messages

168 million+ emails sent

YouTube

Viber

Qzone

Amazon Web Services

GoGrid

Rackspace

LimeLight

Jive Software

salesforce.com

Xactly

Paint.NET

Business

Education Entertainment

Games

Lifestyle

Music

Navigation

News

Photo & Video

Productivity

Reference

Social Networking

Sport

Travel

Utilities

Workbrain

SuccessFactors

Taleo

Workday

Finance

box.net

Facebook

LinkedIn

TripIt

Pinterest

Zynga

Zynga

Baidu

Twitter

Twitter

Yammer

Atlassian

Atlassian

MobilieIron SmugMug

SmugMug

Atlassian

Amazon

Amazon iHandy

PingMe

PingMe

Associatedcontent

Flickr

Snapfish

Answers.com

Tumblr.

Urban

Scribd. Pandora

MobileFrame.com

Mixi

CYworld

Renren

Xing

Yandex

Yandex

Heroku

RightScale

New Relic

AppFog

Bromium Splunk

CloudSigma

cloudability

kaggle

nebula

Parse

ScaleXtreme

SolidFire

Zillabyte

dotCloud

BeyondCore

Mozy

Fring Toggl

MailChimp

Hootsuite

Foursquare

buzzd

Dragon Diction

SuperCam

UPS Mobile

Fed Ex Mobile

Scanner Pro

DocuSign

HP ePrint

iSchedule

Khan Academy

BrainPOP

myHomework

Cookie Doodle

Ah! Fasion Girl

PaperHost

SLI Systems

NetSuite

OpSource

Joyent

Hosting.com

Tata Communications

Datapipe

PPM

Alterian

Hyland

NetDocuments

NetReach

OpenText

Xerox

Google

Microsoft

IntraLinks

Qvidian

Sage

SugarCRM

Volusion

Zoho

Adobe

Avid

Corel

Microsoft

Serif

Yahoo

CyberShift

Saba

Softscape

Sonar6

Ariba

Yahoo!

Quadrem

Elemica

Kinaxis

CCC

DCC

SCM ADP VirtualEdge

Cornerstone onDemand

CyberShift

Kenexa Saba

Softscape

Sonar6

Workscape

Exact Online

FinancialForce.com

Intacct NetSuite

Plex Systems

Quickbooks

eBay

MRM

Claim Processing

Payroll

Sales tracking & Marketing

Commissions Database

ERP

CRM

SCM

HCM

HCM

PLM

HP

EMC

Cost Management

Order Entry

Product Configurator

Bills of Material Engineering

Inventory

Manufacturing Projects

Quality Control

SAP

Cash Management

Accounts Receivable Fixed Assets Costing

Billing

Time and Expense

Activity Management Training

Time & Attendance Rostering

Service

Data Warehousing

The Internet Client/Server

Every 60 seconds

IBM

Unisys

Burroughs

Hitachi

NEC Bull

Fijitsu

Mainframe

A new style of IT emerging

Mobile, Social, Big Data & The Cloud

217 new mobile web users


Data Explosion is at hand.

+ Velocity Volume

Variety Value

Big Data

Core transaction systems

Other operational systems

Analytical environment

Transactional data

CRM, SCM, ERP

$€¥

Predefined reporting, dashboards, and analytics to: - Measure/monitor the business - Analyze and improve operations

Requiring filters for meaning (context, relevance, urgency) to: - Protect the business (such as new

compliance requirements) - Grow the business (such as customer

engagement models)

Mobile Texts

Images Email

Social media Audio

Video

“Human-friendly information”

.

5

This is the future.

By 2020, 2 trillion devices will connect to the internet…and to each other.

By 2014, Gartner estimates that about 20% of enterprises will own no assets


Security trends are on a collision course.

Growing cyber threat 56% of organizations have been the target of a cyber attack

Extended supply chain 44% of all data breach involved third-party mistakes

Financial loss $8.9M is the average cost associated with data breach

Cost of protection 11% of total IT budget spent on security

Reputation damage 30% market cap reduction due to recent events

Source: HP internal data, Forrester Research, Ponemon Institute, Coleman Parkes Research

Key issues: • Security is a Board of

Directors/Cabinet level concern.

• Security leadership is under immense pressure.

• There is a need for greater visibility of business risks and to make sound security investment choices.

Reactive vs. proactive 60% of enterprises spend more time and money on reactive measures vs. proactive risk mgmt.


The challenge is complex Primary challenges

Nature and motivation of attacks (national interest to new markets) 1

Cloud and Traditional IT (delivery and consumption changes) 2 Traditional

DC Private cloud

Managed cloud

Public cloud

Network Storage

Servers

Delivery

Regulatory pressures (increasing cost and complexity) 3

A new type of adversary

Enhanced regulatory environment

Deal with all three while DATA itself is EXPLODING in velocity, variety, and volume.

NERC • Sarbanes-Oxley • Basel III • PCI Security Standards Council

Research

Infiltration Exfiltration Discovery Capture


2013 Northern American CISO MDE Discussions


Hot Management Topics

• Does this mean we will be breached? • Where should I start? • Am I spending my money wisely?


With “Data Explosion” breaches are a certainty.

Associated costs rising year on year

$8.9M average cost associated with data breach

How much do you think a breach will cost?

• Breaches are a certainty. Expect them.

• Some of the fastest growing breaches are occurring via suppliers and business partners (no direct control)

• Critical functions such as incident response and recovery, investigation and forensics, eDiscovery/eDisclosure, PR/brand management are increasing areas of focus and investment


Spending decisions

010203040506070

Time Budget

Reactive vs proactive

reactive

proactive

60% of enterprises spend more time and money on reactive measures vs. proactive risk mgmt.

Organizations need optimized security

Where are you spending your money? • Appropriate balance is organization specific

• Proactive measures likely to reduce number of reactive responses

• Generally not enough intelligence regarding an organization to make robust trade-off investment decisions (“blind patching” and “protect everything” approach common)

• Need to prioritize proactive investments based on risk/exploitability


Information management/governance strategy

Where is your organization?

53%

25%

22%

Information risk strategy ?

YesNoPlanning

Security executives need to have a seat at the table

• IT infrastructure security will be difficult if not impossible

• Information governance and management strategy is critical

• Must prioritize data/information based and balance with risk

• Investment strategies must align to information risk


Top Solutions for MDE

• Identity & Credential Management • Application Security • Data and Content Protection • Security Intelligence


Identity & Credential Management

Key Solution: Remote Identity Proofing

Key Solution: Privileged User Management

Key Solution: Privileged User Management

Key Solution: Federation


Applications Security: Protecting the primary DHI

Sources: 1) Gartner IT Security Budgets and Staffing Projections for 2012: Constant Demand and Constant Spending, Mar, 2012 2) Microsoft Security Intelligence Report (SIR), v12, - Dec 2011

1¢

90%

10%

Traditional Security Applications Security

Successful attacks2

30%

70%

Security spending1

Successful attacks 2

Security spending1

1¢


Protecting what Matters: DLP and Beyond

Inventory

Monitor

Manage

Defend

Audit

Destruction/ Archive

Velocity Volume

Variety Value

Big Data

• Data like any other asset has it’s own lifecycle

• Many IT enterprises can’t account for all of it’s data

• Many IT enterprises lack the tools to discover all of their data (especially cross platform unstructured)

• A lot of focus on DLP as a technology but DLP works best as a full-lifecyle data governance approach


Security Big Data: Intelligence & Decision Support (Example)


Thank you