Next-Generation Datacenters Bring Next-Generation Security Challenges Ivan Juras IDC Adriatics IDC Visit us at IDC.com and follow us on Twitter: @IDC IT Challenges IDC Visit us at IDC.com and follow us on Twitter: @IDC Source: IDC CIO Summit Vienna Delegates Survey-2013 Q: What are the biggest IT challenges you face in 2013? Please choose up to three. Base: All organizations 3% 7% 8% 12% 12% 20% 23% 25% 26% 28% 30% 46% 51% Consumerization of traditional IT Obtaining the proper vendor support levels Measuring return of investmentQuality of service from our external providers Explosion of data volume/storage Change management Staffing issues (recruitment, retention)Driving innovative use of technologyAssuring budget for IT developments Maintaining securityModernization of legacy applicationsIT project control and management Increasing cost efficiency of ITCIO Summit Vienna Delegates Survey One user can be very dangerous VirusMesses up a users smartphone, tablet, PCSPAM/SPIM/SPIT Clogs emails, overloads servers, drags down network performance Click here Phishing, spoofing, pharming compromise company and person accounts; ransomwearTrojans/worms The backdoor to spying, data leakage, and unit and even system control thru keyloggers Botnets (users)PC and/or server hijacked (often through trojans) and used for spamming, DDoS, and other purposes LeakageSneaker net, app downloads, shadow IT use with system, sabotage/theft And externally DDoSShutdown of service through multifaceted attack Hackers/crackersMotivations vary: hacktivism, money, spying, ransom Social engineeringI am from the IT dept to help you just need you details Adv. persistent threatFocused and precise and 100-300% (depending on study) Physical damageFrom device loss/theft to natural disasters Source: PwC, Darkreading, CBRonline, 2014Thats where the money is W. Sutton Data is the currency; enterprises are the bank. The numbers vary depending on the study but everyone agrees, protecting information is a challenge Customer records compromised in Target hacker attack avg enterprise security events per day avg enterprise security events per day on active network new pieces malware reported each day 40m 10k 150k 86k Blame mobility IDC Visit us at IDC.com and follow us on Twitter: @IDC 6 0 200 400 600 800 1000 1200 201120122013 SmartphonesTabletsPortable PCsDesktop PCs 39% 52% -11% -8% Unit Shipments (Millions) 47% 88% -4% -4% Source: IDC Worldwide Quarterly Smart Connected Device Tracker and what it enables Interacting and the network of things 2020 - Nearly 30 Billion Devices Installed ~2.5b industrial/auto ~3.7b embedded devices ~5.0b accessories ~2.0b toys/appliances ~4.3b mobile devices ~4.0b networking devices ~4.5b computers ~24b devices!! along with the 3rd Platform2014 IDC Visit us at IDC.com and follow us on Twitter: @IDC 8 WW CAGR: 20-30% EU ESN CAGR:39.9% WW smartphones:1 in 6 Growing 6x faster than IT market But also predictive security The story is getting old among the IT and vendor community through 2017 the CAGR of 3rd Platform is 10.6% The 3rd Platform Requires a Different Type of Infrastructure 9 IDC 2013 Re-aggregated: Enterprise datacenter System level Legacy heterogeneous Bladed/Converged OPEX Optimized Complex App Portfolio Disaggregated: Hyperscale datacenter Resource level Greenfield Homogenous Density optimized Capex optimized Singular app portfolio Achieve Full Consistency ConsolidateVirtualize Optimize AndAutomate Rack and blades Bring Resources to Datacenter Reduce physical servers Speed up deployment Next GenerationApproach ~25% EU organizations Shared Storage ~50% Rack and blades Shared Storage Virtualization Layer Rack and blades Shared Storage Virtualization Layer I/O convergenceSystem Management Build and IntegrateCloud Capacity ~15% Storage, server, network aware of each otherBuild or Rent Application Specific Systems Rack and blades Shared Storage Virtualization Layer I/O convergenceSystem Management ~10% 10 Certified configurations Integrated Systems Maturity Curve Whats the main security threat?Problems in the Datacenter IDC Visit us at IDC.com and follow us on Twitter: @IDC 11 All Datacenters 0005101520253035404550 Latency issues Insufficient bandwidth into or out of the datacenter Regulatory or compliance issues Security breaches Downtime due to natural disasters Run out of IP addresses Downtime due to system failure Downtime due to human error % of respondents; N = 401 Source: IDC, 2014 Whohandles the security?

In-house IT Private Cloud (on premise) Public cloud(IaaS) Public cloud(PaaS) Public cloud(SaaS) Physical security useruserproviderproviderprovider Security services useruseruser user orprovider provider Data protection useruseruseruserprovider Application protection useruseruser user orprovider provider Supply chain protection useruserproviderproviderprovider Staff training/ surveillance useruser????????? Who handles DC and cloud security? (One possible grid with some unanswered questions) ENISA Threat Landscape, Dec 2013 CEE Security Software Market by Foundation Type in 2013

IDC Visit us at IDC.com and follow us on Twitter: @IDC Total: < $800 M 57% 14% 11% 18% Endpoint Security Security & Vulnerability Mgmt Identity & Access Mgmt. Other modules CEE Security Software Market by Vertical Type in 2013

IDC Visit us at IDC.com and follow us on Twitter: @IDC 18% 12% 11% 9% 50% Home Banking Central Government Telecommunications Other verticals And Threats Are Evolving IDC Visit us at IDC.com and follow us on Twitter: @IDC 16 Source: Incapsula 2013-2014 DDoS Threat Landscape Report, www.incapsula.com IDC Visit us at IDC.com and follow us on Twitter: @IDC 17 Deploy messaging security to monitor and prevent sending of sensitive files/data Use IAM to link user credentials, identities, roles with data access/usage rights Protect endpoints with file and disk encryption Prevent the accidental - educate end-users on policies and best practices IDC Visit us at IDC.com and follow us on Twitter: @IDC 18 Security SaaS Growing Worldwide IDC Visit us at IDC.com and follow us on Twitter: @IDC 19 0 100 200 300 400 500 600 700 800 900 1000 2010201120122013* Identity and Access Management Messaging Security Endpoint Security Security and Vulnerability Management Web Security Network Security US$M Global Security SaaS Revenue by Segment * Forecast 2012 Total: $2.9 billion 2013 Forecast: 15.2% growth Mobility and the consumerization of enterprise IT key factors Conclusion change is accelerating New world taking shape on the 3rd platform: data centers need to adapt, security needs to adapt. Create roadmaps for datacenters and for security: while they will involve technology, they are also very much about management. Adopt a solution mindset: complexity is expanding, the IT depart. cannot handle it all. For DCs, this means hybrid cloud environments; for security this means a mix of SW, service, and appliances. Drip-feed training: continuous discussion needed especially for security to make it a frame of mind (4/10 large firms have no training) Convince senior management: the CFO and CEO need to make security a priority and let it be known to all it is a priority. Prepare psychologically for the hard work ahead: BYOD management often creates waves; constant security checks too; data center migration and restructuring will cause headaches, etc.Thank you! IDC Visit us at IDC.com and follow us on Twitter: @IDC 21 Ivan Juras Research Analyst Marketing & PR Specialist IDC Adriatics (Croatia) ijuras@idc.com +385 1 30 40 054 DDoS and Botnet Attacks Increasing IDC Visit us at IDC.com and follow us on Twitter: @IDC 22 2013: Rapid increase in peak attack volumes and bot sophistication Q1 2014: Upward trend continues with several ~100Gbps threats Source: Incapsula 2013-2014 DDoS Threat Landscape Report, www.incapsula.com Security Appliances The Growth of UTM Adoption of multi-function appliances and gradual displacement of single-function appliances Plug-and-play deploymentallows for easy use and low admin Generally more efficient than end-point deployments (though it can impact latency and bandwidth if appliance does not keep up with traffic) Reduced technical training requirements Simplifies to single point of admin (but also means there is a singlepoint for potential failure) IDC Visit us at IDC.com and follow us on Twitter: @IDC 23 37 38 15 12 22 35 14 13 12 02 20102013 Security Appliance Product Market Share in CEE Unified Threat Management (UTM) Firewall Content Management (Email, Web) Intrusion Detection and Prevention (IDP) Virtual Private Network (VPN) by value, % of total Source: IDC, 2014Enterprise Architecture MaturityScapeSecurity MaturityScapeSource: IDC, 2014Mobile device security threats and management IDC Visit us at IDC.com and follow us on Twitter: @IDC 26 01020304050607080 Mixing of work and personal apps data on mobile devices Loss or theft of mobile devices Malicious apps Mobile malware Insecure or loosely secured privacy settings on legitimate apps Total (n = 200)IT controlled (n = 75)BYOD (n = 125) Q. What are the top threats to mobile devices (whether personal or company-owned)? Source: IDCs US Mobile Security Survey 2013 %