Security Readiness - Whiteboard Guide - 2017-06-22 - 720p
0 (0 Likes / 0 Dislikes)
Hi. My name’s Laurence Pitt.
I am part of the EMEA
marketing team
and what I’m going to talk
to you about here is
our Security Readiness Whiteboard.
So this is part of a set of things
that we are putting together
to help you to have conversations
with your customers
about Digital Readiness,
Cloud Readiness and,
as I said here, Security Readiness.
Conversations that are not
about technology,
not about software,
not about solutions
but actually about the market
and the challenges in security
to help you to be able
to empathise with the customer
to get to the root
of what their problem is,
before we can tell them
how they can fix the problem.
I am going to start this by drawing
three circles on my board.
These circles represent the opportunities today for the bad guys.
So “means” and “motive”,
what does that mean?
Well the means is how they get in.
The means is the people
they have in development,
the skilled developers that
they’ve got out there, working on
writing malware that’s going
to get them into the network.
Or the botnets that they have
that are able to go and
look for things on the network.
Motive, well that’s obvious.
That’s your data.
Whether they actually want
to steal the data
or whether they want to prevent you
from accessing that information,
or whether they want to prevent
your customers
from being able to access your data.
Online retail for example,
taking the website offline...
The financial effect of doing that can be massive.
So the final circle here
is the “opportunity”.
The opportunity isn’t provided
by the bad guys,
the opportunity is provided
by us, by you.
Not on purpose. It may be
a vulnerability in a piece of software
that you are not even aware of.
It could be something
missing in the log file.
It could be a misconfiguration.
All of these are opportunities
for the bad guys to get in
and to be able to do
things on the network.
We are hearing about
breaches every day now
but it used to be
a much rarer occurrence.
So what is it that has changed
and is giving them the chance to do this?
Well the first thing
that has changed is
that we’re seeing trends
around a big move to digital.
So businesses are going
from being online
and having their own data centers
and their own ways of doing things
to trusting other people
with their information.
Maybe they are outsourcing a piece
of software to the network.
Maybe they are allowing ways for people to be able to work remotely
so they have that 24/7/365 access
that they need to do business.
As you’re globalising
you are seeing
the network is expanding
and things are changing.
Digital is a big change and something
that everyone is addressing.
However, it’s also providing a much grown
attack surface for the bad guys
to be able to get into the network
and do things.
It used to be that we did everything
using a laptop or a desktop
and it was fairly simple.
That’s changed.
Now everybody has a smartphone
or a tablet, and they are used to those.
Even more so with the development of
3G, 4G and soon to be 5G.
So they really can work anywhere
from the office to the beach.
At the same time, the devices
on the network are changing.
It’s not just devices
that humans are using.
It’s devices that do things
themselves, IoT devices.
Internet of things is driving a lot,
whether it’s manufacturing,
bringing online systems so they can
get better statistics out of them,
or whether it’s your connected printer,
connected copy machine
or the lightbulbs so that
you can be greener.
All of these are unfortunately
providing opportunities.
Opportunities that
you want to be able to fix
but can’t always address
as you’d like to because
quite honestly there are pressures
on the business that are
preventing you from being able
to do what you want to do.
What are those pressures?
Well obviously the first pressure is
the cost of being able to do this.
How much is it actually going to cost
to deploy those new systems?
To manage those new systems
and get them out there?
As much as you’re seeing
growth in budgets,
because security is getting
so much focus these days,
the growth isn’t the same as
the amount you would need
to cover absolutely every attack
surface within the business.
So what it’s actually become
is a huge balancing act
that you’re having to address.
That balancing act sits between
“How do I secure my business?” and
“How do I ensure that I can still be
enabled to do business at the same time?"
So what do I mean when I say that?
Well you could secure every single
thing within the business
at an affordable cost.
But would that become a
business inhibitor if you did that?
Would that slow things down because
of how you're processing things?
On the other side of things,
I need to be online.
I need to be digital.
I need to be working.
I need to know what I’ve got but
there’s a balancing act even there:
it costs money
to protect information.
Do I have the money to be able
to do that protection?
Because I probably don’t in reality.
So let’s look at how we can do this.
To start with, I’m going
to draw this square.
Now this square is probably
how you see your network,
but actually it’s not accurate
because really, this,
is your network today.
The network is no longer
a set of fixed cables,
it’s no longer a set of things
that are connected because
so much of this is wireless
and so much of this
is technology that we can’t
actually even see anymore.
It’s technology that we interact
with on a daily basis
but we don’t necessarily
know what it does.
People have expectations
with this as well.
So the first expectation that they
have is they expect it to be fast.
They expect online all the time,
quick, instant access to the network.
They expect the fastest
possible that they can get.
But at the same time,
for you to be able to manage this,
it’s no longer practical for you
to have a single vendor
doing absolutely everything
inside your network
You are going to be working with
multiple vendors across multiple services.
and so you want things
to be very open.
You want to have very
simple management.
You want to have single
point management.
You want systems that talk to each other
and share information
because only by sharing information
can you be accurate with network security
If something happens on the network
and you get only one answer to the problem
how do you know that answer is right?
If you get three answers
that are all the same,
then you know that
that’s an accurate answer,
so having open technologies
on the network is very important.
But of course you still need to know
that whatever you’re doing
is going to remain secure
at the same time.
Because having these technologies
without actually being able
to secure them doesn’t really help
anything move forward, does it?
So you want the highest
levels of security
and you want to know that actually
you are as safe as you can be.
The other thing of course is
introducing all of this is great,
but how are you going
to manage this
with only a finite number of staff?
So the fourth box, and what
I think is going to become
a more and more important box
over the next year or so,
is actually where we start
to talk about automation.
So automation, being able to look
at the tasks that are done
on a daily basis
by your users and your staff,
and actually take those basic tasks
and fully automate them so that
they don’t need to do them anymore,
so that they can move on
to looking at more strategic things
or looking at things
that actually have happened
outside that automation process.
Also as the future moves you can
automate more and more as well
within the network.
Now, what does this achieve?
Well today your network,
as you see it,
is the point where
any threat gets in.
Everything leads
to the network.
Whether it’s your data
with the spreadsheet,
whether it’s a threat coming in,
they all start at the network.
The challenge today
for a lot of people
is that their network
is actually passive.
So it transports information.
It passes it from
one device to another
and only by
looking at the network
are you able to see
that something has happened.
The network doesn't
provide you with that information.
What we need to be able to do
is to change the network
and make it active in this process.
So the network is now
part of this conversation.
It tells you when
something has happened.
It will alert you and warn you
and be more active.
I see there three stages on the
journey to be able to do this.
The first stage, which
is the passive network,
is about being able to spot
things on the network,
about having the technology so that
your users and your security people
can see things when they happen
and alert back to the network
and say what has happened.
The second stage on our journey
is about being able to contain.
So when something happens
I have got an
automated process in place
that will look at what has
happened and evaluate the risk.
Not everything that comes in
that you don’t know about is a risk.
It may be just unknown
at that point
but being able to contain that and
report on that is very important.
So that’s the second
stage on the journey
to having a fully active network.
The third stage on our journey
is to be able to control.
So this is the most important stage.
So now I can spot things
when they happen.
I can contain something but
I can also control this behaviour.
If something has come in that
has affected a number of devices
or affected a number of systems,
I can instantly switch that off
and remediate the issue.
I can look at what has happened
and I can fix that problem.
This is where I see
the importance of what
we are talking about at Juniper
and SDSN today.
Our clients have the ability
to spot things on the network,
to be able to contain
and control things on the network.
So if a bad device
comes onto the network
we can remediate that device.
We can switch that device
off the network.
But also to be able to control
the automated processes,
meaning that the people who
you have looking at these systems
are alerted to the fact
that something has happened
rather than having to look at
what has happened on the network.
So what I would ask at this point
if I were talking to customers:
Where are you on this journey?
Where do you believe
you are on this journey?
Do you just have the ability
today to spot things?
Do you feel that you can contain
threats on the network?
Or are you in full control
of the network?
I think that’s a great opportunity
to have a conversation
with the customer and
introduce them to this solution
that we have around SDSN,
Juniper Secure Analytics
and Sky Advanced Threat Prevention.
Thank you very much.