Upload
lumension
View
589
Download
0
Embed Size (px)
DESCRIPTION
In 2012 we found out that the BYOD environment and consumerization of the workplace had turned traditional notions of corporate IT upside down. The 2013 Data Protection Maturity Report will highlight how organizations have managed this trend over the last year and what steps are being taken in 2013 to further enhance data security. Find out how IT teams are developing a holistic model that encompasses policy, education, technology and enforcement. Within this slide deck, we look at each of data protection trends, helping you define your organization’s best practice guide to address the top concerns. We will also be showing you how you can gauge the maturity of your security systems, allowing you to plug any holes before your valuable data starts to leak through them.
Citation preview
2013 Data Protection Maturity Trends: How Do You Compare?
Today’s Agenda
Data Protection Trends
Aspects of Data Protection: The Survey Says …
A Model of Data Protection Maturity
Recommendations
Today’s Panelists
3
Paul HenrySecurity Consultant, Author
and Columnist
Chris MerrittDirector of Solution Marketing
Lumension
Data Protection Trends
5
Changing IT Network Landscape
Source: Is BYOD Right for Your Small Business? by Melinda Emerson, PGi blog (24-Oct-2012)
6
Increasing Threats Landscape
Source: Expect a wave of Java applet attacks: Microsoft by Liam Tung, CSO Online (19-Nov-2012)
7
Increasing Threats Landscape
Source: New Report Out of Taiwan Says Prepare For APT Warfare, by Paul Henry in Optimal Security (Lumension) blog (15-Aug-2012)
8
Evolving Organizational Landscape
• According to the Ponemon Institute, 58% of organizations have more than 25 malware incidents each month, and another 20% are unsure how many incidents they’re dealing with.1
• The data breaches reported in 2012 increased almost 35% over 2011, according to datalossdb.org.2
• The average cost of a data breach was about $194 per record in 2011;of this, about 70% were indirect costs such as lost business, cus-tomer churn, etc.3
• About 70 – 80% of an organization’smarket value is based on intangibleassets such as IP.4
1. Ponemon Institute, 2013 State of the Endpoint (Dec-2012)2. Based on data retrieved 11-Jan-2013.3. Ponemon Institute, 2011 Cost of Data Breach Study (Mar-2012)4. Ocean Tomo, http://www.oceantomo.com/about/intellectualcapitalequity
9
Uncertain Regulatory Landscape
Regulatory• An effort is underway to modernize the European Union framework for
data protection rules (GDPR)• In the United States …
» we see continued pressure from the States on the data protection front» on the Federal front, some are holding out hope for a comprehensive
Cybersecurity Act, or an equivalent Executive Order» for public companies, we now have SEC guidance on cyber risks
• Elsewhere, we see continued legislative action on data protection» examples include: Colombia, Italy and Philippines
Industry• Next PCI-DSS update scheduled for Oct-2013• NERC CIP 5 scheduled for vote in Apr-2013• Impact of legislation on FFIEC, NCUA, OCC, etc.
Aspects of Data Protection: The Survey Says …
11
Discovering the State of Data Protection
Worldwide Data Protection Maturity Assessment Survey• Anonymous Results • Over 406 Initial Respondents • Respondent Screening
Three areas of focus• Administrative Controls• Technical Controls • “Organizational Motivation”
12
Administrative Controls
13
Administrative Controls
Technical Controls
14
Technical Controls
15
Technical Controls
16
Organizational Motivation
17
Organizational Motivation
18
Organizational Motivation
19
A Data Protection Maturity Model
A Model for Data Protection Maturity
21
Data Protection Maturity Results
22
Rising to the Challenge
23
Creating Policies• Ad Hoc: Minimal or No Security Policies• Optimal: Comprehensive & Exhaustive
Educating Staff• Ad Hoc: One-Time or No Training• Optimal: On-Going, Formal Training
Enforcing Policies• Ad Hoc: Limited Technical Controls• Optimal: Robust Technical Controls
More Information
• Free Security Scanner Tools» Application Scanner – discover all the apps
being used in your network» Vulnerability Scanner – discover all OS and
application vulnerabilities on your network » Device Scanner – discover all the devices
being used in your network
http://www.lumension.com/Resources/Security-Tools.aspx
• Lumension® Endpoint Management and Security Suite» Demo:
http://www.lumension.com/endpoint-management-security-suite/demo.aspx
» Evaluation: http://www.lumension.com/endpoint-management-security-suite/free-trial.aspx
• Get a Quote (and more)http://www.lumension.com/endpoint-management-security-suite/buy-now.aspx#2
24
Global Headquarters8660 East Hartford Drive
Suite 300
Scottsdale, AZ 85255
1.888.725.7828
http://blog.lumension.com