http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
University of Maryland
Target breached, CIO resigns
NSA/Snowden drip, drip, drip
Heartbleed!
2014 The SANS Institute www.sans.org
[Chart: labels 77%, 38%, 27%, 18%; years 2008-2015]
Ladders
Near term
Mobile Device Management/NAC
Cloud Security Standards
Policy/legal/awareness
Next year
Security as a Service
Business App Store
Data Encryption
Rapid Penetration
Medical devices
Smart building/HVAC automation/commercial building management
[Chart; categories: Producing, Operating/Managing; scale 0% to 80%]
Major Differences
Old Things | New Things
General purpose OS | Embedded OS
Fixed, wired | Mobile, wireless
TCP/IP, 802.11, HTML5 | Zigbee, IoT6, WebHooks
Layered apps | Embedded apps
Homogeneous | Heterogeneous
Enterprise-driven | Consumer-driven
2-3 year life cycle | .2 to 20 year life cycle
Impact data | Impact health/safety
Ladders
Near term
Discovery/inventory (no client SW)
NNGFW/Data Diodes
Expand penetration testing
Next year
Next Generation DMZ/Security as a Service
Community Device Stores
OT/IT Integration
Ladders
Near term
Critical Security Controls gap assess
Advanced Threat Detection/Forensics
White list on servers
Next year
Beachheads: data encryption, stronger authentication, privilege management
ISAC/Info Sharing/What Works
Staffing/Skills Today
Staffing/Skills Tomorrow
1-10% increase
No change
1-10% reduction
Unknown
0%
1-10% increase
No change
1-10% reduction
Unknown
0%
Career Focus
Area of Focus | Today | Next 5 yrs
Management/Leadership | 25.4% | 33.1%
Administration | 18.0% | 5.2%
Engineering | 17.8% | 10.0%
Other | 11.9% | 4.3%
Audit | 10.7% | 5.9%
Forensics | 7.7% | 9.7%
Testing | 4.4% | 3.3%
Development | 4.1% | 3.0%
Reduce:
Administrative time spent
Technical time
Increase:
Upwards focus
Forensics
Career Success