ECONOMICS, SECURITY MANAGEMENT AND THE FUTURE INTERNET. Simon Shiu HP Labs 15 th April 2010
|
|
- Chester Owens
- 8 years ago
- Views:
Transcription
1 ECONOMICS, SECURITY MANAGEMENT AND THE FUTURE INTERNET Simon Shiu HP Labs 15 th April Copyright Copyright 2010 Hewlett-Packard 2010 Development Development Company, Company, L.P. L.P.
2 SYNOPSIS OF THIS TALK The Application of Economic Methods to Enterprise Security Management Early work on the Application of Economic Methods to Cloud Information Stewardship Some personal thoughts on the relevance of Economic Methods to Security Management in the future internet 2
3 Malware Reports? Y Patch Available? N Workaround Available? Y Implement Workaround Malware Y N Accelerate? Y Exploit Available N Exposed? Early Mitigation? Deploy Mitigation Y Y Vulnerability Disclosed Vulnerability Assessment Test Solution Patch Deployment Accelerated Patching Emergency Patching Patch Available TODAYS SECURITY MANAGEMENT LIFECYCLE Economics/ Threats/ Investments Policy, process, people, technology & operations Proportion of vulnerabilities Risk reduced window (from disclosure time) across all vulnerabilities timeline Security Analytics Assurance & Situational Awareness Personal Environment Win/Lx/OSX Trusted Hypervisor Home Banking E-Govt Intf. Remote IT Mgmt Corporate Productivity OS Corporate Production Environment OS Corp. Soft Phone Trusted Infrastructure 3
4 PROBLEMS WITH SECURITY INVESTMENTS Security Investments affect multiple outcomes: budget, confidentiality, integrity, availability, In most situations these outcomes can only be predicted with high degrees of uncertainty Often the outcomes are inter-related (trade-off) and the link to investments is poorly understood Classical business justification/due diligence (Return on Security Investment, cost benefit analysis) encourages these points to be glossed over 4
5 ECONOMIC FRAMING: AN ANALOGY 5 The Central Bank problem How to set the interest rate to achieve satisfactory levels of inflation (f) and unemployment (e). Satisfactory is defined by a utility (or loss) function, such as: U(e,f) = F(e e*) + G(f f*) + The Security Management problem How to invest in security to achieve satisfactory levels of confidentiality (C) and availability (A) And then there is the limited budget.
6 PREFERENCE ELICITATION (CONSTRUCTION?) Structured Discussion (framed by initially provided components) Confidentiality Availability Cost Impact of Breaches Assurance Affect on Capital Operational Expense Expense # of Breaches # detected Breaches SLA violations F(capex,opex) 6 Agreed proxies for our utility components
7 OUR METHODOLOGY Problem Architectur e Preferences Problem System Model components of utility Utility things to measure problem refinement consequences of preferences 7
8 THE CLOUD ECO-SYSTEM Consumer Small Business Enterprise Government Department Pure Consumers Simple ISP Bundled ISP Integrated ISP Consumer/ Providers 8 CPU Infrastructur e Secure Archive Storage 24*7 Available Storage Pure Providers
9 STEWARDSHIP IN THE CLOUD ECO- SYSTEM Consumer Small Business Enterprise Government Department requirements expectations Simple ISP Bundled ISP Integrated ISP Confidentiality Integrity Availability incentives CPU Infrastructur e Secure Archive Storage 24*7 Available Storage Obligations preferences 9
10 CLOUD STEWARDSHIP ECONOMICS Key ideas that are guiding our empirical work Information Asymmetry As the service provider I know more about the costs and risks of handling your data than you or any regulator Externalities; Public/Club Goods Being secure costs me more than I gain, even though others in the community gain too. Heterogeneity of services & users How do we value bundled security characteristics & develop associated product and pricing strategies As well as applying preference, utility, system modelling to this context 10
11 FOUNDATIONS OF TRUST IN THE FUTURE INTERNET My Current Views Left unchecked the (IT) services market will prioritize low cost and flexibility with bad security externality effects To counter this we need organisations to become much more explicit about their (current and future) information security lifecycle and needs Sharing security information is already hard it will be harder in the services eco-system Enterprise Security Lifecycle We should think more about how adjusting incentives can improve this situation 11
12 Q&A 12
Using Security Metrics Coupled with Predictive Modeling and Simulation to Assess Security Processes
Using Security Metrics Coupled with Predictive Modeling and Simulation to Assess Security Processes Yolanta Beres, Marco Casassa Mont, Jonathan Griffin, Simon Shiu Systems Security Lab 2008 Hewlett-Packard
More informationChanging the Enterprise Security Landscape
Changing the Enterprise Security Landscape Petr Hněvkovský Presales Consultant, ArcSight EMEA HP Enterprise Security Products 2012 Hewlett-Packard Development Company, L.P. The information contained herein
More informationIBM X-Force 2012 Cyber Security Threat Landscape
IBM X-Force 2012 Cyber Security Threat Landscape 1 2012 IBM Corporation Agenda Overview Marketing & Promotion Highlights from the 2011 IBM X-Force Trend and Risk Report New attack activity Progress in
More informationMobility. Exploiting and Maintaining the New Face of Engagement. Huseyin Ozel CT, HP EMEA Enterprise Mobility September 2015
Mobility Exploiting and Maintaining the New Face of Engagement Huseyin Ozel CT, HP EMEA Enterprise Mobility September 2015 Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained
More informationSession 3: IT Infrastructure Security Track ThreatExchange Winning through collaboration. Tomas Sander HP Labs
Session 3: IT Infrastructure Security Track ThreatExchange Winning through collaboration Tomas Sander HP Labs Forward Looking Statements Rolling roadmap up to three years and is subject to change without
More informationHP Customer Support. Remote Server Management. an Outtasking Solution Outline
HP Customer Support Remote Server Management an Outtasking Solution Outline Andreas Meinert Support Solution Architect DataCenter Solution Services, HP Germany 2004 Hewlett-Packard Development Company,
More informationINSIDE. Management Process. Symantec Corporation TM. Best Practices Roles & Responsibilities. Vulnerabilities versus Exposures.
Symantec Corporation TM Symantec Product Vulnerability Management Process Best Practices Roles & Responsibilities INSIDE Vulnerabilities versus Exposures Roles Contact and Process Information Threat Evaluation
More informationThe Business Case for Security Information Management
The Essentials Series: Security Information Management The Business Case for Security Information Management sponsored by by Dan Sullivan Th e Business Case for Security Information Management... 1 Un
More informationHP S POINT OF VIEW TO CLOUD
HP S POINT OF VIEW TO CLOUD Frank Bloch Director Technology Consulting 2010 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice 3 GLOBAL MEGA
More informationAccountability Model for Cloud Governance
Accountability Model for Cloud Governance Massimo Felici, Hewlett-Packard Laboratories CSP Forum 2014, Athens, 21-22 May 2014 Overview Problem of Data Governance Data Governance in the Cloud Accountability
More informationInformation Technology Engineers Examination. Information Security Specialist Examination. (Level 4) Syllabus
Information Technology Engineers Examination Information Security Specialist Examination (Level 4) Syllabus Details of Knowledge and Skills Required for the Information Technology Engineers Examination
More informationHelix Nebula: Secure Brokering of Cloud Resources for escience. Dr. Jesus Luna Garcia
Helix Nebula: Secure Brokering of Cloud Resources for escience Dr. Jesus Luna Garcia Outline Background The Blue-Box architecture Security Goals and Requirements Let s imagine Why a Public-Private Partnership
More informationHow To Understand The Value Of Cloud Computing For An Enterprise Company
Cloud beyond limits Lorenzo Gonzales Strategist, HP Enterprise Group EMEA Opportunities or challenges? Always growing connections Immediate responses are expected Change is part of the system Interactions
More information應 用 SIEM 偵 測 與 預 防 APT 緩 攻 擊
應 用 SIEM 偵 測 與 預 防 APT 緩 攻 擊 HP Enterprise Security 林 傳 凱 (C. K. Lin) Senior Channel PreSales, North Asia HP ArcSight, Enterprise Security 1 Rise Of The Cyber Threat Enterprises and Governments are experiencing
More informationThis presentation contains some information about future Veeam product releases, the timing and content of which are subject to change without
This presentation contains some information about future Veeam product releases, the timing and content of which are subject to change without notice. Storage Trends in SMB Optimizing Data Footprint
More informationCloud Security Who do you trust?
Thought Leadership White Paper Cloud Computing Cloud Security Who do you trust? Nick Coleman, IBM Cloud Security Leader Martin Borrett, IBM Lead Security Architect 2 Cloud Security Who do you trust? Cloud
More informationIBM X-Force 2012 Cyber Security Threat Landscape
IBM X-Force 2012 Cyber Security Threat Landscape Johan Celis X-Force R&D Spokesperson Security Channel Sales Leader BeNeLux 1 Mission IBM Security Systems To protect our customers from security threats
More informationSecuring business data. CNS White Paper. Cloud for Enterprise. Effective Management of Data Security
Securing business data CNS White Paper Cloud for Enterprise Effective Management of Data Security Jeff Finch, Head of Business Development, CNS Mosaic 2nd July 2015 Contents 1 Non-Disclosure Statement...
More informationCaaS Think as a bad guy Petr Hněvkovský, CISA, CISSP HP Enterprise Security
CaaS Think as a bad guy Petr Hněvkovský, CISA, CISSP HP Enterprise Security 1 Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
More informationCS 356 Lecture 25 and 26 Operating System Security. Spring 2013
CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control
More informationEnd of Support Should Not End Your Business. Challenge of Legacy Systems
End of Support Should Not End Your Business When software vendors announce a product end-of-life (EOL), customers typically have 24 to 30 months to plan and execute their migration strategies. This period
More informationTHE BLUENOSE SECURITY FRAMEWORK
THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program
More informationSecurity Touchpoints When Acquiring Software. Dr Carsten Huth Nadim Barsoum Dawid Sroka
Security Touchpoints When Acquiring Software Dr Carsten Huth Nadim Barsoum Dawid Sroka 2 Topics Context Problem Definition SDLC and Security Touchpoints Acquisition Process Conclusions 3 Acknowledgement
More informationClosing the Vulnerability Gap of Third- Party Patching
SOLUTION BRIEF: THIRD-PARTY PATCH MANAGEMENT........................................ Closing the Vulnerability Gap of Third- Party Patching Who should read this paper IT Managers who are trying to manage
More informationInternet Safety and Security: Strategies for Building an Internet Safety Wall
Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet
More informationHacking Crisis Highlights Crypto Chaos
TREND ADVISOR: Hacking Crisis Highlights Crypto Chaos Four Data Traffic Security Challenges Exposing Enterprises to Hack Attacks IT departments were battered by a cybersecurity perfect storm in 2014. While
More informationModernizing the Infrastructure: Cloud Computing, Green IT Mickey Zandi, Ph.D. Managing Director
Modernizing the Infrastructure: Cloud Computing, Green IT Mickey Zandi, Ph.D. Managing Director www.sungardas.com Agenda Issues Motivations Market Trends Starting Point 2010 SunGard. www.sungardas.com
More informationCloud Security Specialist Certification Self-Study Kit Bundle
Cloud Security Specialist Certification Bundle CloudSchool.com CLOUD CERTIFIED Technology Professional This certification bundle provides you with the self-study materials you need to prepare for the exams
More informationBecoming a Cloud Services Broker. Neelam Chakrabarty Sr. Product Marketing Manager, HP SW Cloud Products, HP April 17, 2013
Becoming a Cloud Services Broker Neelam Chakrabarty Sr. Product Marketing Manager, HP SW Cloud Products, HP April 17, 2013 Hybrid delivery for the future Traditional IT Evolving current state Future Information
More informationInformation Security for the Rest of Us
Secure Your Way Forward. AuditWest.com Information Security for the Rest of Us Practical Advice for Small Businesses Brian Morkert President and Chief Consultant 1 Introduction President Audit West IT
More informationSEIZE THE DATA. 2015 SEIZE THE DATA. 2015
1 Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. BIG DATA CONFERENCE 2015 Boston August 10-13 Predicting and reducing deforestation
More informationMatthias Kuemmel, HP Imaging and Printing Group. Date: 24/05/2011
Cloud Services Threat or Chance? Matthias Kuemmel, HP Imaging and Printing Group Date: 24/05/2011 Agenda Cloud Computing what is it? HP Cloud Strategy and Solutions Cloud Printing current state Example:
More informationVirtual Patching: a Proven Cost Savings Strategy
Virtual Patching: a Proven Cost Savings Strategy An Ogren Group Special Report December 2011 Executive Summary Security executives, pushing the limits of traditional labor-intensive IT patch processes
More informationThe promise of SDN. EU Future Internet Assembly March 18, 2014. Yanick Pouffary Chief Technologist HP Network Services
The promise of SDN EU Future Internet Assembly March 18, 2014 Yanick Pouffary Chief Technologist HP Network Services Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationCCIT Technical Support Policy
Executive Summary In order to ensure that your experience with CCIT is as effective and efficient as possible, CCIT outlines in this policy its technical support process, request submission mechanisms,
More informationSecure Software Development Lifecycle. Security... Not getting better
Secure Software Development Lifecycle This lecture provides reference material for the book entitled The Art of Software Security Testing by Wysopal et al. 2007 This lecture material is copyrighted by
More informationEnterprise Apps: Bypassing the Gatekeeper
Enterprise Apps: Bypassing the Gatekeeper By Avi Bashan and Ohad Bobrov Executive Summary The Apple App Store is a major part of the ios security paradigm, offering a central distribution process that
More informationAPPLICATION SECURITY RESPONSE: WHEN HACKERS COME A-KNOCKING
APPLICATION SECURITY RESPONSE: WHEN HACKERS COME A-KNOCKING Katie Moussouris Senior Security Strategist Microsoft Security Response Center http://twitter.com/k8em0 (that s a zero) Session ID: ASEC-T18
More informationSecurity Operation Centre 5th generation
Security Operation Centre 5th generation transition Cezary Prokopowicz Regional Manager SEE HP Enterprise Security Products 2 3 4 5 Challenges you are facing 1 Nature and motivation of attacks (Fame to
More informationContinuous???? Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
???? 1 Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Application Delivery is Accelerating Surge in # of releases per app
More informationHEALTHCARE IN THE CLOUD
HEALTHCARE IN THE CLOUD Baldur Johnsen, Director Healthcare Provider Product Management Office of Strategy & Technology HP Business Solutions Organization 2010 Hewlett-Packard Development Company, L.P.
More informationExternal Supplier Control Requirements
External Supplier Control s Cyber Security For Suppliers Categorised as Low Cyber Risk 1. Asset Protection and System Configuration Barclays Data and the assets or systems storing or processing it must
More informationTaking control of the virtual image lifecycle process
IBM Software Thought Leadership White Paper March 2012 Taking control of the virtual image lifecycle process Putting virtual images to work for you 2 Taking control of the virtual image lifecycle process
More informationAnatomy of a Healthcare Data Breach
BUSINESS WHITE PAPER Anatomy of a Healthcare Data Breach Prevention and remediation strategies Anatomy of a Healthcare Data Breach Table of Contents 2 Increased risk 3 Mitigation costs 3 An Industry unprepared
More informationHP Adaptive Backup and Recovery
HP Adaptive Backup and Recovery Addressing Your BURA Strategy Today Reflects Your Business Purposes Tomorrow Scott Baker - Director, Enterprise Data Protection Andrew Dickerson Senior Manager, Backup,
More informationSample Vulnerability Management Policy
Sample Internal Procedures and Policy Guidelines February 2015 Document Control Title: Document Control Number: 1.0.0 Initial Release: Last Updated: February 2015, Manager IT Security February 2015, Director
More informationStrategies for assessing cloud security
IBM Global Technology Services Thought Leadership White Paper November 2010 Strategies for assessing cloud security 2 Securing the cloud: from strategy development to ongoing assessment Executive summary
More informationHP Cloud OS. Платформа OpenStack корпоративного уровня. Иван Кровяков Архитектор облачных решений HP Центральная и Восточная Европа
HP Cloud OS Платформа OpenStack корпоративного уровня Иван Кровяков Архитектор облачных решений HP Центральная и Восточная Европа What is OpenStack Software Massively scalable cloud operating system that
More informationManaging the Challenges of Cloud Management November 7, 2013
Copyright 2013 Vivit Worldwide Managing the Challenges of Cloud Management November 7, 2013 Brought to you by Copyright 2013 Vivit Worldwide Hosted by Mihai Grigorescu Vivit Chapter Leader South Africa
More informationHow To Protect A Virtual Desktop From Attack
Endpoint Security: Become Aware of Virtual Desktop Infrastructures! An Ogren Group Special Report May 2011 Executive Summary Virtual desktops infrastructures, VDI, present IT with the unique opportunity
More informationNEXPOSE ENTERPRISE METASPLOIT PRO. Effective Vulnerability Management and validation. March 2015
NEXPOSE ENTERPRISE METASPLOIT PRO Effective Vulnerability Management and validation March 2015 KEY SECURITY CHALLENGES Common Challenges Organizations Experience Key Security Challenges Visibility gaps
More informationCloud App Security. Tiberio Molino Sales Engineer
Cloud App Security Tiberio Molino Sales Engineer 2 Customer Challenges 3 Many Attacks Include Phishing Emails External Phishing attacks: May target specific individuals or companies Customer malware or
More informationTeradata and Protegrity High-Value Protection for High-Value Data
Teradata and Protegrity High-Value Protection for High-Value Data 03.16 EB7178 DATA SECURITY Table of Contents 2 Data-Centric Security: Providing High-Value Protection for High-Value Data 3 Visibility:
More informationSecure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services
Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services Udo Schneider Trend Micro Udo_Schneider@trendmicro.de 26.03.2013
More informationHP Software, Big Data Rethinking Data Protection
HP Software, Big Data Rethinking Data Protection EPIC Technology Day, November 19 th, 2014 HP Software The 6th largest software company in the world Applications Delivery Management IT Operations Management
More informationZak Khan Director, Advanced Cyber Defence
Securing your data, intellectual property and intangible assets from cybercrime Zak Khan Director, Advanced Cyber Defence Agenda (16 + optional video) Introduction (2) Context Global Trends Strategic Impacts
More informationBYPASSING THE ios GATEKEEPER
BYPASSING THE ios GATEKEEPER AVI BASHAN Technology Leader Check Point Software Technologies, Ltd. OHAD BOBROV Director, Mobile Threat Prevention Check Point Software Technologies, Ltd. EXECUTIVE SUMMARY
More informationData Security Best Practices & Reasonable Methods
Data Security Best Practices & Reasonable Methods September 2013 Mike Tassey Technical Security Advisor Privacy Technical Assistance Center (PTAC) http://ptac.ed.gov/ E-mail: PrivacyTA@ed.gov Phone: 855-249-3072
More informationStop advanced targeted attacks, identify high risk users and control Insider Threats
TRITON AP-EMAIL Stop advanced targeted attacks, identify high risk users and control Insider Threats From socially engineered lures to targeted phishing, most large cyberattacks begin with email. As these
More information2012 Application Security Gap Study: A Survey of IT Security & Developers
2012 Application Gap Study: A Survey of IT & s Research sponsored by Innovation Independently Conducted by Ponemon Institute LLC March 2012 1 2012 Application Gap Study: A Survey of IT & s March 2012 Part
More informationPublic Cloud Security: Surviving in a Hostile Multitenant Environment
Public Cloud Security: Surviving in a Hostile Multitenant Environment SESSION ID: EXP-R01 Mark Russinovich Technical Fellow Windows Azure, Microsoft @markrussinovich The Third Computing Era Security Could
More informationIntro to QualysGuard IT Risk & Asset Management. Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe
Intro to QualysGuard IT Risk & Asset Management Marek Skalicky, CISM, CRISC Regional Account Manager for Central & Adriatic Eastern Europe A Unified and Continuous View of ICT Security, Risks and Compliance
More informationBridge Development and Operations for faster delivery of applications
Technical white paper Bridge Development and Operations for faster delivery of applications HP Continuous Delivery Automation software Table of contents Application lifecycle in the current business scenario
More informationREMOVING THE BARRIERS FOR DATA CENTRE AUTOMATION
REMOVING THE BARRIERS FOR DATA CENTRE AUTOMATION The modern data centre has ever-increasing demands for throughput and performance, and the security infrastructure required to protect and segment the network
More informationAssuria Auditor The Configuration Assurance, Vulnerability Assessment, Change Detection and Policy Compliance Reporting Solution for Enterprise
Assuria Auditor The Configuration Assurance, Vulnerability Assessment, Change Detection and Policy Compliance Reporting Solution for Enterprise 1. Introduction Information security means protecting information
More informationStrategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security
Strategic Compliance & Securing the Cloud Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security Complexity and Challenges 2 Complexity and Challenges Compliance Regulatory entities
More informationProtecting the un-protectable Addressing Virtualisation Security Challenges
Protecting the un-protectable Addressing Virtualisation Security Challenges Paul Hogan, Technical Director, Ward Solutions November 11, 2010 Top Cloud Security Challenges Secure Virtualisation Need secure
More informationBUILDING AN EFFECTIVE VULNERABILITY MANAGEMENT PROGRAM. Henrik Åkerstrand Account Executive Nordics
BUILDING AN EFFECTIVE VULNERABILITY MANAGEMENT PROGRAM Henrik Åkerstrand Account Executive Nordics WHY is vulnerability management important? WHAT are some considerations you should make? HOW can we help
More informationExecutive Summary Program Highlights for FY2009/2010 Mission Statement Authority State Law: University Policy:
Executive Summary Texas state law requires that each state agency, including Institutions of Higher Education, have in place an Program (ISP) that is approved by the head of the institution. 1 Governance
More informationWelcome Back Roberto Casetta, Snr. Vice President International. The Story Behind The Crystal Pete Daw, Cities Urban Developer Siemens Plc
Agenda Overview 9:00am General Session Auditorium 13:30pm General Session Auditorium 16:30pm General Session Auditorium 09:00 Welcome am Roberto Casetta, Snr. Vice President International 9:15am HEAT Software
More informationVirtual Application Networks Innovations Advance Software-defined Network Leadership
Virtual Application Networks Innovations Advance Software-defined Network Leadership Simplifying, Scaling and Automating the Network Bethany Mayer Senior Vice President and General Manager HP Networking
More informationREVAMP YOUR IT CAREER AS A CLOUD SECURITY EXPERT
REVAMP YOUR IT CAREER AS A CLOUD SECURITY EXPERT Here s a ringside view of some exciting and challenging careers in the cloud security realm. The advent of the cloud, which was once a niche concept, has
More informationThe Next Generation Data Centers: SPECS and The 3 rd Platform.
The Next Generation Data Centers: SPECS and The 3 rd Platform. Dr. Silvio La Porta Senior Research Scientist EMC Research Europe Dr. Said Tabet Senior Technology Strategist Corporate CTO Office, EMC 1
More informationSoftware Asset Management (SWAM) Capability Description
Software Asset Management (SWAM) Capability Description Purpose Provides an organization visibility into the software installed and operating on their network(s) so they can appropriately manage authorized
More informationAUTHOR: REVISION BY: ADS Lead/Manager ESYS Windows OSA
INFORMATION RESOURCES APPLICATIONS AND DATA SERVICES PROCESS NAME: ADS Web Application Release Management ORIGINAL DOCUMENT DATE: 10/2/2014 AUTHOR: Jim Nelson PROCESS OWNERS: ADS Lead/Manager LAST REVISION:
More informationCloud Security Who do you trust?
Thought Leadership White Paper Cloud Computing Cloud Security Who do you trust? Nick Coleman, IBM Cloud Security Leader Martin Borrett, IBM Lead Security Architect 2 Cloud Security Who do you trust? Cloud
More informationHP ENTERPRISE SECURITY. Protecting the Instant-On Enterprise
HP ENTERPRISE SECURITY Protecting the Instant-On Enterprise HP SECURITY INTELLIGENCE AND RISK MANAGEMENT PLATFORM Advanced Protection Against Advanced Threats 360 Security Monitoring to Detect Incidents
More informationBig Data, Big Risk, Big Rewards. Hussein Syed
Big Data, Big Risk, Big Rewards Hussein Syed Discussion Topics Information Security in healthcare Cyber Security Big Data Security Security and Privacy concerns Security and Privacy Governance Big Data
More informationAUTOMATION. Tihomir Hrastovscak HP Software
HP CLOUD SERVICE AUTOMATION Tihomir Hrastovscak HP Software Presales consultant THE CLOUD ADVANTAGE What the business expects Encourages standard 68.5% systems Pay only for what 77.9% you use Easy/fast
More informationThe Protection Mission a constant endeavor
a constant endeavor The IT Protection Mission a constant endeavor As businesses become more and more dependent on IT, IT must face a higher bar for preparedness Cyber preparedness is the process of ensuring
More informationSikkerhet Network Protector SDN app Geir Åge Leirvik HP Networking
Sikkerhet Network Protector SDN app Geir Åge Leirvik HP Networking Agenda BYOD challenges A solution for BYOD Network Protector SDN matched with industry leading service How it works In summary BYOD challenges
More informationLogical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110
Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110 Exam Information Candidate Eligibility: The CyberSec First Responder: Threat Detection and Response (CFR) exam
More informationUMHLABUYALINGANA MUNICIPALITY ANTIVIRUS MANAGEMENT POLICY
UMHLABUYALINGANA MUNICIPALITY ANTIVIRUS MANAGEMENT POLICY Antivirus Management Policy Approval and Version Control Approval Process: Position or Meeting Number: Date: Originator Recommended by Director
More information1 Introduction... 2 2 Product Description... 3 3 Strengths and Challenges... 5 4 Copyright... 5
KuppingerCole Report EXECUTIVE VIEW by Alexei Balaganski May 2015 is a business-critical application security solution for SAP environments. It provides a context-aware, secure and cloud-ready platform
More informationHP and netforensics Security Information Management solutions. Business blueprint
HP and netforensics Security Information Management solutions Business blueprint Executive Summary Every day there are new destructive cyber-threats and vulnerabilities that may limit your organization
More informationRisk-Ops at Scale: Framework Operationalization to Address Business Risk
SESSION ID: GRC-T08 Risk-Ops at Scale: Framework Operationalization to Address Business Risk Eddie Block Chief Information Security Officer State of Texas @jurishacker Nancy Rainosek Statewide GRC Program
More informationUMHLABUYALINGANA MUNICIPALITY PATCH MANAGEMENT POLICY/PROCEDURE
UMHLABUYALINGANA MUNICIPALITY PATCH MANAGEMENT POLICY/PROCEDURE Originator Patch Management Policy Approval and Version Control Approval Process: Position or Meeting Number: Date: Recommended by Director
More informationCloud Virtualization Specialist Certification Self-Study Kit Bundle
Cloud Virtualization Specialist Certification Bundle A Certified Cloud Virtualization Specialist has proven knowledge and proficiency with the technologies, mechanisms, platforms, and practices based upon
More informationThe future Cloud. Peter H. Moser, Jr. Manager, Portfolio Architects & Account CTOs
The future Cloud Computing? Peter H. Moser, Jr. Manager, Portfolio Architects & Account CTOs 2011 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without
More informationImproving Customer Communications by Proper Personalization
Improving Customer Communications by Proper Personalization Paweł Walczak Commercial Account Manager for CEE HP Exstream March 13, 2015 The Customer is the most important. There is just one boss. The customer.
More informationHow To Protect Your Mobile Device From Attack
Manage and Secure the Mobile Data, Not Just the Device Stijn Paumen VP Business Development, Wandera The Great Platform Shift 60,000,000 iphone BlackBerry 50,000,000 40,000,000 30,000,000 20,000,000 10,000,000
More informationADDING NETWORK INTELLIGENCE TO VULNERABILITY MANAGEMENT
ADDING NETWORK INTELLIGENCE INTRODUCTION Vulnerability management is crucial to network security. Not only are known vulnerabilities propagating dramatically, but so is their severity and complexity. Organizations
More informationArchitecture & Experience
Architecture & Experience Data Mining - Combination from SAP HANA, R & Hadoop Markus Severin, Solution Principal Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein
More information2011 Cyber Security and the Advanced Persistent Threat A Holistic View
2011 Cyber and the Advanced Persistent Threat A Holistic View Thomas Varney Cybersecurity & Privacy BM Global Business Services 1 31/10/11 Agenda The Threat We Face A View to Addressing the Four Big Problem
More informationNATO Cyber Security Capabilities & Industry Opportunities Building on Solid Foundations. Ian J West Chief, Cyber Security
1 NATO Cyber Security Capabilities & Industry Opportunities Building on Solid Foundations Ian J West Chief, Cyber Security Ian.west@ncia.nato.int 2 NATO UNCLASSIFIED Cyber Security Service Line Ian West
More informationCloud Courses Description
Courses Description 101: Fundamental Computing and Architecture Computing Concepts and Models. Data center architecture. Fundamental Architecture. Virtualization Basics. platforms: IaaS, PaaS, SaaS. deployment
More informationStorage Cloud Infrastructures
Storage Cloud Infrastructures Detection and Mitigation of MITM Attacks Presenter: Jaqueline Carmilema CyberSecurity for the Next Generation South American Round, Quito 31 January 1 February, 2013 PAGE
More informationOverview TECHIS60241. Carry out risk assessment and management activities
Overview Information in all its forms is a vital component of the digital environment in which we live and work. The protection of information in its physical form is well understood but the protection
More information