1. Martin Roesch
Vice President and Chief Architect, Cisco Security Business Group
March 9, 2016
Cisco Mid-Atlantic Users Group
Intelligent Cybersecurity for the Real World
2. © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco’s #1
Priority
Threat-Centric
Security
Billions
Invested
5K
People
Strong
Cognitive
Sourcefire
ThreatGRID
Neohapsis
OpenDNS
Portcullis
Lancope
Broad/Deep
Portfolio
Trusted
Advisor
#1
Cybersecurity
Company
Expanding
Services
Capabilities
Pervasive
Security
Cisco is Investing in Security Growth
3.
The Cisco Advantage
Best of Breed
Portfolio
Architectural
Approach
4.
Premiere Portfolio in the Industry
Best of Breed | Architectural Approach
Threat Intelligence
Visibility
Cloud Network Integrated
Web
Email
NGFW/NGIPS Advanced Threat
Policy and Access UTM
Integrated for Best Threat Protection
5.
Combined with the Best Threat Intelligence Capabilities
World-Class Threat Research
19.7B Threats Per Day
1.4M
1.1M
1.8B
1B
8.2B
Incoming Malware
Samples Per Day
Sender Base
Reputation Queries
Per Day
Web Filtering
Blocks Per Month
AV Blocks
Per Day
Spyware Blocks
Per Month
260+ Threat Researchers
100 TB Threat Intelligence
6.
Source: Cisco Annual Security Report, 2016
Less than 100 VS.
DAYS
Industry
Cisco
Game Changing Innovation
1 Day
Reduced Time to Detection
7.
Security Perspective
8.
If you knew you were going to be compromised, would you do security differently?
9.
The Threat-Centric Security Model
Visibility and Context
Firewall
App Control
VPN
Patch Mgmt
Vuln Mgmt
IAM/NAC
IPS
Antivirus
Email/Web
IDS
FPC
Forensics
AMD
Log Mgmt
SIEM
Attack Continuum
Discover
Enforce
Harden
Detect
Block
Defend
Scope
Contain
Remediate
10.
The Threat-Centric Security Model
Attack Continuum
Network Endpoint Mobile Virtual Cloud
Point in Time Continuous
Discover
Enforce
Harden
Detect
Block
Defend
Scope
Contain
Remediate
11.
THE STATE OF SECURITY
Incremental Capability
Mountains of Complexity
12.
The Security Effectiveness Gap
13.
The Security Effectiveness Gap
Capabilities
14.
Capabilities
Complexity
Goal for Effective Security
15.
Faster Time to Detection, Faster Time to Remediate
Integrated Threat Defense Architecture
Visibility Control Intelligence Context
16.
Integrated Threat Defense: Strategic Architecture
Visibility, Analytics, and Automation to Simplify and Increase Security Efficacy
Integrated
Management
Visibility
Real-time map of the operational environment
API
Config Impact IOC Apps… Apps/Automation
Telemetry
Intelligence
Global
Intelligence
Control
Broker access between users, applications, data, devices
Threat
Defeat known Threats
Breach
Scope, Contain, Remediate
Before During After
API
17.
Reduce Complexity and Increase Capability
Collective Security Intelligence
Centralized Management
Appliances, Virtual
Network Control
Platform
Device Control
Platform
Cloud Services
Control Platform
Appliances, Virtual Host, Mobile, Virtual Hosted