Security Readiness - Whiteboard Guide - 2017-06-22 - 720p

Hi. My name’s Laurence Pitt. I am part of the EMEA marketing team and what I’m going to talk to you about here is our Security Readiness Whiteboard. So this is part of a set of things that we are putting together to help you to have conversations with your customers about Digital Readiness, Cloud Readiness and, as I said here, Security Readiness. Conversations that are not about technology, not about software, not about solutions but actually about the market and the challenges in security to help you to be able to empathise with the customer to get to the root of what their problem is, before we can tell them how they can fix the problem. I am going to start this by drawing three circles on my board. These circles represent the opportunities today for the bad guys. So “means” and “motive”, what does that mean? Well the means is how they get in. The means is the people they have in development, the skilled developers that they’ve got out there, working on writing malware that’s going to get them into the network. Or the botnets that they have that are able to go and look for things on the network. Motive, well that’s obvious. That’s your data. Whether they actually want to steal the data or whether they want to prevent you from accessing that information, or whether they want to prevent your customers from being able to access your data. Online retail for example, taking the website offline... The financial effect of doing that can be massive. So the final circle here is the “opportunity”. The opportunity isn’t provided by the bad guys, the opportunity is provided by us, by you. Not on purpose. It may be a vulnerability in a piece of software that you are not even aware of. It could be something missing in the log file. It could be a misconfiguration. All of these are opportunities for the bad guys to get in and to be able to do things on the network. We are hearing about breaches every day now but it used to be a much rarer occurrence. So what is it that has changed and is giving them the chance to do this? Well the first thing that has changed is that we’re seeing trends around a big move to digital. So businesses are going from being online and having their own data centers and their own ways of doing things to trusting other people with their information. Maybe they are outsourcing a piece of software to the network. Maybe they are allowing ways for people to be able to work remotely so they have that 24/7/365 access that they need to do business. As you’re globalising you are seeing the network is expanding and things are changing. Digital is a big change and something that everyone is addressing. However, it’s also providing a much grown attack surface for the bad guys to be able to get into the network and do things. It used to be that we did everything using a laptop or a desktop and it was fairly simple. That’s changed. Now everybody has a smartphone or a tablet, and they are used to those. Even more so with the development of 3G, 4G and soon to be 5G. So they really can work anywhere from the office to the beach. At the same time, the devices on the network are changing. It’s not just devices that humans are using. It’s devices that do things themselves, IoT devices. Internet of things is driving a lot, whether it’s manufacturing, bringing online systems so they can get better statistics out of them, or whether it’s your connected printer, connected copy machine or the lightbulbs so that you can be greener. All of these are unfortunately providing opportunities. Opportunities that you want to be able to fix but can’t always address as you’d like to because quite honestly there are pressures on the business that are preventing you from being able to do what you want to do. What are those pressures? Well obviously the first pressure is the cost of being able to do this. How much is it actually going to cost to deploy those new systems? To manage those new systems and get them out there? As much as you’re seeing growth in budgets, because security is getting so much focus these days, the growth isn’t the same as the amount you would need to cover absolutely every attack surface within the business. So what it’s actually become is a huge balancing act that you’re having to address. That balancing act sits between “How do I secure my business?” and “How do I ensure that I can still be enabled to do business at the same time?" So what do I mean when I say that? Well you could secure every single thing within the business at an affordable cost. But would that become a business inhibitor if you did that? Would that slow things down because of how you're processing things? On the other side of things, I need to be online. I need to be digital. I need to be working. I need to know what I’ve got but there’s a balancing act even there: it costs money to protect information. Do I have the money to be able to do that protection? Because I probably don’t in reality. So let’s look at how we can do this. To start with, I’m going to draw this square. Now this square is probably how you see your network, but actually it’s not accurate because really, this, is your network today. The network is no longer a set of fixed cables, it’s no longer a set of things that are connected because so much of this is wireless and so much of this is technology that we can’t actually even see anymore. It’s technology that we interact with on a daily basis but we don’t necessarily know what it does. People have expectations with this as well. So the first expectation that they have is they expect it to be fast. They expect online all the time, quick, instant access to the network. They expect the fastest possible that they can get. But at the same time, for you to be able to manage this, it’s no longer practical for you to have a single vendor doing absolutely everything inside your network You are going to be working with multiple vendors across multiple services. and so you want things to be very open. You want to have very simple management. You want to have single point management. You want systems that talk to each other and share information because only by sharing information can you be accurate with network security If something happens on the network and you get only one answer to the problem how do you know that answer is right? If you get three answers that are all the same, then you know that that’s an accurate answer, so having open technologies on the network is very important. But of course you still need to know that whatever you’re doing is going to remain secure at the same time. Because having these technologies without actually being able to secure them doesn’t really help anything move forward, does it? So you want the highest levels of security and you want to know that actually you are as safe as you can be. The other thing of course is introducing all of this is great, but how are you going to manage this with only a finite number of staff? So the fourth box, and what I think is going to become a more and more important box over the next year or so, is actually where we start to talk about automation. So automation, being able to look at the tasks that are done on a daily basis by your users and your staff, and actually take those basic tasks and fully automate them so that they don’t need to do them anymore, so that they can move on to looking at more strategic things or looking at things that actually have happened outside that automation process. Also as the future moves you can automate more and more as well within the network. Now, what does this achieve? Well today your network, as you see it, is the point where any threat gets in. Everything leads to the network. Whether it’s your data with the spreadsheet, whether it’s a threat coming in, they all start at the network. The challenge today for a lot of people is that their network is actually passive. So it transports information. It passes it from one device to another and only by looking at the network are you able to see that something has happened. The network doesn't provide you with that information. What we need to be able to do is to change the network and make it active in this process. So the network is now part of this conversation. It tells you when something has happened. It will alert you and warn you and be more active. I see there three stages on the journey to be able to do this. The first stage, which is the passive network, is about being able to spot things on the network, about having the technology so that your users and your security people can see things when they happen and alert back to the network and say what has happened. The second stage on our journey is about being able to contain. So when something happens I have got an automated process in place that will look at what has happened and evaluate the risk. Not everything that comes in that you don’t know about is a risk. It may be just unknown at that point but being able to contain that and report on that is very important. So that’s the second stage on the journey to having a fully active network. The third stage on our journey is to be able to control. So this is the most important stage. So now I can spot things when they happen. I can contain something but I can also control this behaviour. If something has come in that has affected a number of devices or affected a number of systems, I can instantly switch that off and remediate the issue. I can look at what has happened and I can fix that problem. This is where I see the importance of what we are talking about at Juniper and SDSN today. Our clients have the ability to spot things on the network, to be able to contain and control things on the network. So if a bad device comes onto the network we can remediate that device. We can switch that device off the network. But also to be able to control the automated processes, meaning that the people who you have looking at these systems are alerted to the fact that something has happened rather than having to look at what has happened on the network. So what I would ask at this point if I were talking to customers: Where are you on this journey? Where do you believe you are on this journey? Do you just have the ability today to spot things? Do you feel that you can contain threats on the network? Or are you in full control of the network? I think that’s a great opportunity to have a conversation with the customer and introduce them to this solution that we have around SDSN, Juniper Secure Analytics and Sky Advanced Threat Prevention. Thank you very much.