A complete Information Risk Management solution for ISF Members using IRAM and STREAM
|
|
- Aldous Sherman
- 8 years ago
- Views:
Transcription
1 Jason Creasey Certified STREAM Consultant A complete Information Risk Management solution for ISF Members using Simon Marvell Partner Abstract IRAM is a business-led information risk analysis methodology used widely by ISF members. IRAM provides tools for business impact assessment, threat and vulnerability assessment and control selection. However, it is not an integrated web-based solution and does not provide tools for ongoing monitoring and reporting of risk status or workflow for managing the treatment of unacceptable risks. This paper describes how IRAM can be used easily with Acuity s STREAM GRC software to provide a complete information risk management solution for ISF members. Overview of IRAM IRAM provides a three stage approach as illustrated in Figure 1. The comprehensive Business Impact Assessment is widely used and is ideal to provide a front-end to STREAM, where the summary detail can be entered and copies of the supporting BIA spreadsheets stored centrally. The Threat and Vulnerability Assessment is useful, particularly in conjunction with the ISF Healthcheck, both of which are compatible with STREAM. The control selection tool gives food for thought but at present is less widely used than the other two stages. Figure 1: Three-stage IRAM Process Note. The two assessment tools in IRAM are based on spreadsheets, which can be co-ordinated using the web-based Risk Analyst Workbench (RAW). For simplicity we just use the term IRAM in this paper. Page 1 of 7
2 The roles of in managing Information Risk IRAM provides a strong business driven articulation of the requirements for information security through its business impact analysis (BIA). The BIA provides an essential understanding of the requirements for Confidentiality, Integrity and Availability (CIA) of information which can be informed and refined by an understanding of the likelihood of a loss event or incident occurring by the IRAM Threat & Vulnerability Analysis. Clearly, information with high requirements for CIA needs a high degree of protection and without that protection there would be a significant risk (probably an expectation) of serious damage, even more so when there is a genuine likelihood of loss or attack. But the assumption of no protection is theoretical and the risk information of most value to business managers is an understanding of the residual risk, taking account of the existence and performance of controls deployed to mitigate this risk. The IRAM Control Selection stage allows a range of controls to be considered and, where required, helps to select additional controls to reduce the likelihood of serious incidents occurring. However, IRAM it is not designed to quantify residual risk as part of the risk analysis or to monitor residual risk as contributory factors change. This means that while, following an IRAM risk analysis, the business can be confident that it has a good understanding of the requirements for information security it may not fully understand the residual risk. Furthermore, any understanding of residual risk that it does have will deteriorate over time if the performance of controls changes in a way that is not visible to the risk analyst. The following table summarises the main factors that influence residual risk and their frequency of change: Factor Frequency of Change Influence on Residual Risk Business Impact Analysis Threat Likelihood Vulnerabilities Control Selection Relatively static - once determined, the potential business impacts from a loss of CIA tend not to change much 1. Variable by risk type. Can change significantly at short notice, e.g. if targeted by attackers Weaknesses in control 2 variable by control type. Can change significantly at short notice, e.g. zero-day vulnerabilities Variable as BIA, Threat Likelihood and Vulnerabilities change A broad statement of information security requirements Refines the BIA defined requirements Increases the likelihood that an attack, if mounted would be successful The design for reducing residual risk to an acceptable level Supported by IRAM? Supported by STREAM? - Detailed - Summary, but not as a compliance tool 1 The BIA can change as information goes through different phases in its lifecycle, e.g. data which is embargoed before publication. However this can be modelled and the BIA at each lifecycle stage tends to be relatively static. 2 Most vulnerabilities are weaknesses in control. However, organisations may also be inherently vulnerable to an incident, e.g. if there is a single-point of failure. Inherent vulnerabilities result in higher requirements for security whereas control vulnerabilities require improvement in control performance. Page 2 of 7
3 Factor Frequency of Change Influence on Residual Risk Control Performance Incidents and Near-misses Handling of Improvement Actions Variable, perhaps due to staffing levels, budget constraints, competing priorities, people making mistakes Variable by incident type Variable depending on the volume and frequency of improvement actions Very important factor in maintaining residual risk at an acceptable level Feedback on the performance of the above factors allowing refinement and improvement Reduces residual risk as improvement actions are completed Supported by IRAM? No No Supported by STREAM? Figure 2: The contributory factors in understanding residual risk The above table illustrates that all residual risk factors are variable (less so for BIA), sometimes to quite an extent. This means that to be effective and provide meaningful management information an information risk management solution must: Integrate all the different components of information risk Calculate residual risk it is impossible for a risk analyst to manually evaluate all of the above factors, even where they have visibility of them Update the calculation every time one of the factors changes, which could, in some cases, be daily. IRAM does not calculate residual risk or support the complete range of residual risk factors, as illustrated in the table above. However, a combination of IRAM with STREAM provides a complete, easy to use and powerful solution for information risk management. A complete information risk management solution for ISF Members using Figure 3 overleaf illustrates the recommended combined solution, allowing ISF members to take advantage of the powerful graphical displays and aggregation facilities available in STREAM without losing the benefits of the ISF IRAM tool which comes as a standard part of ISF membership. STREAM s asset management and risk modelling, which are straightforward and easy-to use, are important so that risk boards, committees or equivalent can view and discuss the risks to an application before it goes live or if it changes significantly. Although knowledge of how STREAM can be used with ISF tools will be very useful, STREAM can be configured easily without the need for extensive support, saving time and money. Furthermore, once it has been set up, many risk assessments can become semi-automatic. Page 3 of 7
4 Figure 3: A combined IRAM / STREAM Risk Management Solution Business Impact Analysis IRAM provides a comprehensive BIA designed specifically for the needs of ISF members. Members can use the IRAM BIA to capture BIA information and then enter the BIA Summary information to STREAM. Since BIA data is typically fairly static an automated interface is not required and the summary information can be entered to STREAM manually. STREAM can be configured with the same A E scale used by IRAM for recording impacts. Threat and Vulnerability Assessment Stage 2 of IRAM (Threat and Vulnerability Assessment) is not as widely used by Members as Stage 1 (BIA) and so Members may prefer to add this information directly into STREAM as it simplifies the process and is more flexible. Since this information is variable, it will be easy to manage in STREAM which automatically keeps a history of previous assessments and re-calculates the residual risk each time it is updated. Members that prefer to keep their Threat and Vulnerability Assessments in IRAM can transpose or import the data to STREAM. STREAM can be configured with the ISF Threat list and / or other Threat lists as required and the same A-E scale used by IRAM for recording threat likelihood. Control Selection As with Stage 2, Stage 3 of IRAM (Control Selection) is not as widely used by Members as Stage 1 (BIA) and so Members may prefer to add this information directly into STREAM, particularly for Page 4 of 7
5 compliance monitoring. STREAM also has the advantage in that its Framework mappings allow Controls to be mapped to Asset Classes and Threats. So each time an Asset is added to an Asset Class, STREAM will automatically map all relevant Controls and Threats to the Asset. STREAM can be configured with ISF Controls Content, such as the Standard of Good Practice (SoGP), Security Healthcheck, Benchmark controls or any other set of control standards, such as ISO 27001, PCI-DSS, COBIT 5 or internal policies and control standards. If Members prefer to use IRAM for control selection they can do so and transpose or import the data to STREAM. Control Compliance and Performance of Key Control Indicators (KCIs) Since control compliance and, in particular, the performance of key control indicators is such an important factor in residual risk, and varies over time, it is recommended that this information is recorded in STREAM. A history of control assessments is maintained and residual risk is recalculated every time a change is made. As indicated above, STREAM can be configured with ISF Controls content or any other set of control standards. Multiple controls assessment schemes can be defined for different control sets, including the ISF benchmarking scheme. An optional Control Approvals scheme can be configured to provide independent approval of control assessments. Incidents and Near-misses IRAM does not provide a facility for recording and tracking incidents and near-misses but they can be captured in STREAM and linked to Assets, Controls and Threats. STREAM can be configured with the ISF s Threat / Incident types. The impact of incidents can be recorded in STREAM (if required using the ISF s A-E scale) and reporting provides information on frequency and average impact of events which can be used to refine and continually improve the risk assessment and residual risk calculation. Action Management IRAM provides only limited options for recording and tracking actions but they can be raised (and easily tracked) in STREAM against controls, risks, incidents and near-misses. As actions are completed, the status of controls and risks can be updated in STREAM and the residual risk re-calculated. Alerting and Workflow As a single-user system IRAM does not support alerting and workflow. In STREAM risks, controls, incidents, near-misses and actions can be allocated to owners who will receive an alert. Dates of next assessment, approval, acceptance and target completion dates for actions can be recorded with alerts and reminders sent to users. Workflow can be established to handle exceptions and waivers. Page 5 of 7
6 Asset Management and Risk Modelling A strength of STREAM is its configurable asset-based approach to risk management. Asset is a term used in STREAM to denote a component of the target scope for risk management. IRAM takes a system based approach to risk assessment and this can be configured in STREAM. However, Members also have a range of preferred primary points of focus some prefer a business process led approach, others segment into business as usual and project views, while others structure geographically and /or by technology components (critical business applications, networks, computer installations etc.). STREAM is configurable to support all of these approaches and they can be mixed and matched with different risk assessment and control assessment schemes as required. An unlimited Asset Class tree structure can be configured in STREAM allowing organisations to configure assets down to their required level of detail. As Assets are then added to the scope of the risk assessment, threats and controls will be automatically mapped to the Assets providing important assurance that a consistent approach is being taken to common Assets across the Enterprise. STREAM s flexibility in this area allows multiple risk types to be managed in the same database so, for example, information risk management can be integrated with: supply chain risk management; business continuity; privacy, and; enterprise risk management. Residual Risk Calculation As any contributory factor to residual risk assessment is changed, STREAM automatically recalculates residual risk and compares it against risk thresholds. Risk appetites can optionally be set in STREAM allowing residual risk to be reported in relation to risk appetite. STREAM automatically logs previous assessments so users can view history and trends. For frequently changing factors, such as patch or anti-virus status, key control indicators for these factors can be defined and the data imported automatically from third party applications (such as scanners and anti-virus systems) allowing the residual risk status to be updated in real time. Monitoring and Reporting STREAM provides an extensive set of graphical dashboards and reports providing easy, on-demand, visibility of risk and compliance status. Subject to user management permissions, users can aggregate up for summary views or drill down for more information. Reports draw real-time views from the database which is continually updated as factors change, ensuring that the user can always see the current status. Historical reports also allow the user to review progress and perform trend analysis. Conclusion ISF Members have long-recognised the importance of information risk management and the value of accurate information on risk and compliance status. IRAM is an excellent tool for risk analysis with a particularly strong BIA component which identifies information security requirements. However, to provide important information on residual risk Page 6 of 7
7 status in a centralised, aggregated manner, it needs to be combined with a tool that can calculate residual risk status and provide strong risk monitoring and reporting capabilities. STREAM provides these capabilities and also additional features not provided with IRAM such as Incident / Near-misses and Action Management. STREAM is configurable with ISF content and will therefore integrate seamlessly with IRAM. Finally, STREAM s multi-user capability with workflow and alerting will allow Members to extend controlled information risk management processes out from specialised, trained risk analysts to the wider user-base, including control owners, incident owners, action owners and auditors. Business managers can use STREAM s dashboards and reports to see at a glance real-time views of their residual risk and compliance status, identifying areas of concern for investigation. Contact Information Jason Creasey Director Simon Marvell Partner jason.creasey@jerakano.com (0) (0) simon.marvell@acuityrm.com (0) (0) Relationship between Acuity and Jerakano STREAM Integrated Risk Manager from Acuity Risk Management provides flexible, easy to use and cost effective automation for managing risk and compliance to both ISF members and nonmembers alike. As a Certified Consulting Partner, Jerakano can help you automate the ISF Standard of Good Practice and other ISF deliverables such as IRAM, Security Healthcheck, Benchmarking and Securing the Supply Chain using STREAM Integrated Risk Manager. Page 7 of 7
A blueprint for an Enterprise Information Security Assurance System. Acuity Risk Management LLP
A blueprint for an Enterprise Information Security Assurance System Acuity Risk Management LLP Introduction The value of information as a business asset continues to grow and with it the need for effective
More informationSTREAM Cyber Security
STREAM Cyber Security Management Software Governance, Risk Management & Compliance (GRC) Security Operations, Analytics & Reporting (SOAR) Fast, flexible, scalable, easy to use and affordable software
More informationThe 2011 Standard of Good Practice for Information Security. June 2011
The 2011 Standard of Good Practice for Information Security June 2011 Published by Information Security Forum Limited Tel: +44 (0)20 7213 1745 Fax: +44 (0)20 7213 4813 Email: info@securityforum.org Web:
More informationPROTEUS Enterprise - IT Governance, Risk and Compliance Management Solution
PROTEUS Enterprise - IT Governance, Risk and Compliance Management Solution 1. The Challenge Large enterprises are experiencing an ever increasing burden of regulation and legislation against which they
More informationRSA ARCHER OPERATIONAL RISK MANAGEMENT
RSA ARCHER OPERATIONAL RISK MANAGEMENT 87% of organizations surveyed have seen the volume and complexity of risks increase over the past five years. Another 20% of these organizations have seen the volume
More information8 Key Requirements of an IT Governance, Risk and Compliance Solution
8 Key Requirements of an IT Governance, Risk and Compliance Solution White Paper: IT Compliance 8 Key Requirements of an IT Governance, Risk and Compliance Solution Contents Introduction............................................................................................
More informationLOG AND EVENT MANAGEMENT FOR SECURITY AND COMPLIANCE
PRODUCT BRIEF LOG AND EVENT MANAGEMENT FOR SECURITY AND COMPLIANCE The Tripwire VIA platform delivers system state intelligence, a continuous approach to security that provides leading indicators of breach
More informationProcuring Penetration Testing Services
Procuring Penetration Testing Services Introduction Organisations like yours have the evolving task of securing complex IT environments whilst delivering their business and brand objectives. The threat
More information1 Introduction... 2 2 Product Description... 3 3 Strengths and Challenges... 5 4 Copyright... 5
KuppingerCole Report EXECUTIVE VIEW by Alexei Balaganski May 2015 is a business-critical application security solution for SAP environments. It provides a context-aware, secure and cloud-ready platform
More informationLOG INTELLIGENCE FOR SECURITY AND COMPLIANCE
PRODUCT BRIEF uugiven today s environment of sophisticated security threats, big data security intelligence solutions and regulatory compliance demands, the need for a log intelligence solution has become
More informationMaintaining PCI-DSS compliance. Daniele Bertolotti daniele_bertolotti@symantec.com Antonio Ricci antonio_ricci@symantec.com
Maintaining PCI-DSS compliance Daniele Bertolotti daniele_bertolotti@symantec.com Antonio Ricci antonio_ricci@symantec.com Sessione di Studio Milano, 21 Febbraio 2013 Agenda 1 Maintaining PCI-DSS compliance
More informationImproving Residual Risk Management Through the Use of Security Metrics
Improving Residual Risk Management Through the Use of Security Metrics Every investment in security should be effective in reducing risk, but how do you measure it? Jonathan Pagett and Siaw-Lynn Ng introduce
More informationCaretower s SIEM Managed Security Services
Caretower s SIEM Managed Security Services Enterprise Security Manager MSS -TRUE 24/7 Service I.T. Security Specialists Caretower s SIEM Managed Security Services 1 Challenges & Solution Challenges During
More informationAchieving Regulatory Compliance through Security Information Management
www.netforensics.com NETFORENSICS WHITE PAPER Achieving Regulatory Compliance through Security Information Management Contents Executive Summary The Compliance Challenge Common Requirements of Regulations
More informationSORTING OUT YOUR SIEM STRATEGY:
SORTING OUT YOUR SIEM STRATEGY: FIVE-STEP GUIDE TO TO FULL SECURITY INFORMATION VISIBILITY AND CONTROLLED THREAT MANAGEMENT INTRODUCTION It s your business to know what is happening on your network. Visibility
More informationThe Next Generation of Security Leaders
The Next Generation of Security Leaders In an increasingly complex cyber world, there is a growing need for information security leaders who possess the breadth and depth of expertise necessary to establish
More informationReal-Time Security for Active Directory
Real-Time Security for Active Directory Contents The Need to Monitor and Control Change... 3 Reducing Risk and Standardizing Controls... 3 Integrating Change Monitoring... 4 Policy Compliance... 4 The
More informationSecureVue Product Brochure
SecureVue unifies next-generation SIEM, security configuration auditing, compliance automation and contextual forensic analysis into a single platform, delivering situational awareness, operational efficiency
More informationCyber Security Consultancy Standard. Version 0.2 Crown Copyright 2015 All Rights Reserved. Page 1 of 13
Cyber Security Consultancy Standard Version 0.2 Crown Copyright 2015 All Rights Reserved Page 1 of 13 Contents 1. Overview... 3 2. Assessment approach... 4 3. Requirements... 5 3.1 Service description...
More informationStepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM
Stepping Through the Info Security Program Jennifer Bayuk, CISA, CISM Infosec Program How to: compose an InfoSec Program cement a relationship between InfoSec program and IT Governance design roles and
More informationSorting out SIEM strategy Five step guide to full security information visibility and controlled threat management
Sorting out SIEM strategy Five step guide to full security information visibility and controlled threat management This guide will show you how a properly implemented and managed SIEM solution can solve
More informationCurrent IBAT Endorsed Services
Current IBAT Endorsed Services Managed Network Intrusion Prevention and Detection Service SecureWorks provides proactive management and real-time security event monitoring and analysis across your network
More informationEffective Threat Management. Building a complete lifecycle to manage enterprise threats.
Effective Threat Management Building a complete lifecycle to manage enterprise threats. Threat Management Lifecycle Assimilation of Operational Security Disciplines into an Interdependent System of Proactive
More informationLOG MANAGEMENT AND SIEM FOR SECURITY AND COMPLIANCE
PRODUCT BRIEF LOG MANAGEMENT AND SIEM FOR SECURITY AND COMPLIANCE As part of the Tripwire VIA platform, Tripwire Log Center offers out-of-the-box integration with Tripwire Enterprise to offer visibility
More informationSECURITY RISK MANAGEMENT. FIRST 2007 Seville, Spain
SECURITY RISK MANAGEMENT FROM TECHNOLOGY VISION TO MARKET REALITY Avi Corfas, VP EMEA Skybox Security FIRST 2007 Seville, Spain Topics The Risk Assessment Challenge What Is IT Security Risk Management?
More informationFIREMON SECURITY MANAGER
FIREMON SECURITY MANAGER Regain control of firewalls with comprehensive firewall management The enterprise network is a complex machine. New network segments, new hosts and zero-day vulnerabilities are
More informationMetrics that Matter Security Risk Analytics
Metrics that Matter Security Risk Analytics Rich Skinner, CISSP Director Security Risk Analytics & Big Data Brinqa rskinner@brinqa.com April 1 st, 2014. Agenda Challenges in Enterprise Security, Risk
More informationPCI DSS Reporting WHITEPAPER
WHITEPAPER PCI DSS Reporting CONTENTS Executive Summary 2 Latest Patches not Installed 3 Vulnerability Dashboard 4 Web Application Protection 5 Users Logging into Sensitive Servers 6 Failed Login Attempts
More informationRSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief
RSA Solution Brief RSA envision Platform Real-time Actionable Information, Streamlined Incident Handling, Effective Measures RSA Solution Brief The job of Operations, whether a large organization with
More informationIT Audit in the Cloud
IT Audit in the Cloud Pavlina Ivanova, CISM ISACA-Sofia Chapter Content: o 1. Introduction o 2. Cloud Computing o 3. IT Audit in the Cloud o 4. Residual Risks o Used Resources o Questions 1. ISACA Trust
More informationReal-Time Security Intelligence for Greater Visibility and Information-Asset Protection
Real-Time Security Intelligence for Greater Visibility and Information-Asset Protection Take the Effort Out of Log Management and Gain the Actionable Information You Need to Improve Your Organisation s
More informationThe Convergence of IT Security and Compliance with a Software as a Service (SaaS) approach
The Convergence of IT Security and Compliance with a Software as a Service (SaaS) approach by Philippe Courtot, Chairman and CEO, Qualys Inc. Information Age Security Conference - London - September 25
More informationContinuous Network Monitoring
Continuous Network Monitoring Eliminate periodic assessment processes that expose security and compliance programs to failure Continuous Network Monitoring Continuous network monitoring and assessment
More informationEnterprise Risk Management in Compliance 360
Enterprise Risk Management in Compliance 360 2 Enterprise Risk Management in Compliance 360 Effective risk management involves identifying and understanding the risks the organization is faced with, analyzing
More informationSecuring business data. CNS White Paper. Cloud for Enterprise. Effective Management of Data Security
Securing business data CNS White Paper Cloud for Enterprise Effective Management of Data Security Jeff Finch, Head of Business Development, CNS Mosaic 2nd July 2015 Contents 1 Non-Disclosure Statement...
More informationHow To Manage Security On A Networked Computer System
Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy
More informationIT Risk Management Era: Research Challenges and Best Practices. Eyal Adar, Founder & CEO Eyal@WhiteCyberKnight.com Chairman of the EU SRMI
IT Risk Management Era: Research Challenges and Best Practices IARA Work Group July 1 st, 2007, Santa Clara - California Eyal Adar, Founder & CEO Eyal@WhiteCyberKnight.com Chairman of the EU SRMI (Security
More informationAvoiding the Top 5 Vulnerability Management Mistakes
WHITE PAPER Avoiding the Top 5 Vulnerability Management Mistakes The New Rules of Vulnerability Management Table of Contents Introduction 3 We ve entered an unprecedented era 3 Mistake 1: Disjointed Vulnerability
More informationManaged Services. Business Intelligence Solutions
Managed Services Business Intelligence Solutions Business Intelligence Solutions provides an array of strategic technology services for life science companies and healthcare providers. Our Managed Services
More informationFull-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform
Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform Solution Brief Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform Finding
More informationOPERATIONAL RISK MANAGEMENT & MODELLING FROM WYNYARD GROUP & EVMTECH
WYNYARDGROUP.COM OPERATIONAL RISK MANAGEMENT & MODELLING FROM WYNYARD GROUP & EVMTECH Wynyard Group and EVMTech s combined solution provides an end-to-end risk management process that enables organisations
More informationThe Education Fellowship Finance Centralisation IT Security Strategy
The Education Fellowship Finance Centralisation IT Security Strategy Introduction This strategy outlines the security systems in place to optimise, manage and protect The Education Fellowship data and
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.5)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.5) Directions and Instructions for completing this assessment The answers provided
More informationWelcome to Modulo Risk Manager Next Generation. Solutions for GRC
Welcome to Modulo Risk Manager Next Generation Solutions for GRC THE COMPLETE SOLUTION FOR GRC MANAGEMENT GRC MANAGEMENT AUTOMATION EASILY IDENTIFY AND ADDRESS RISK AND COMPLIANCE GAPS INTEGRATED GRC SOLUTIONS
More informationCORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT
CORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT How advancements in automated security testing software empower organizations to continuously measure information
More informationWhite Paper Achieving PCI Data Security Standard Compliance through Security Information Management. White Paper / PCI
White Paper Achieving PCI Data Security Standard Compliance through Security Information Management White Paper / PCI Contents Executive Summary... 1 Introduction: Brief Overview of PCI...1 The PCI Challenge:
More informationG-Cloud IV Framework Service Definition Accenture Web Application Security Scanning as a Service
G-Cloud IV Framework Service Definition Accenture Web Application Security Scanning as a Service 1 Table of contents 1. Scope of our services... 3 2. Approach... 4 a. HealthCheck Application Scan... 4
More informationOnline Resources Business Banking
Online Resources Business Banking Reach Your Highest-Value Clients Take advantage of a business banking solution that s exceptionally reliable, secure, and easy to manage. Take the opportunity to acquire,
More informationDefining, building, and making use cases work
Defining, building, and making use cases work Paul Brettle Presales Manager, Americas Pacific Region What is a use case? Compliance FISMA, PCI, SOX, etc Network security firewalls, IDS, routers & switches
More informationIntroduction Jim Rowland, Senior System Architect and Project Manager Daly
Introduction Jim Rowland, Senior System Architect and Project Manager Daly Stepping Up to Enterprise Vulnerability Management Keren Cummins, Director, Federal and MidAtlantic Markets ncircle Presentation
More informationwith Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief
RSA Solution Brief Streamlining Security Operations with Managing RSA the Lifecycle of Data Loss Prevention and Encryption RSA envision Keys with Solutions RSA Key Manager RSA Solution Brief 1 Who is asking
More informationVulnerability Management
Vulnerability Management Buyer s Guide Buyer s Guide 01 Introduction 02 Key Components 03 Other Considerations About Rapid7 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems and other
More informationADRIAN DAVIS INFORMATION SECURITY FORUM
Securing the Supply Chain: Guide to Risk Management ADRIAN DAVIS INFORMATION SECURITY FORUM Session ID: GRC-201B Session Classification: Intermediate Introduction Introduction Presentation based on research
More informationStrategic Plan On-Demand Services April 2, 2015
Strategic Plan On-Demand Services April 2, 2015 1 GDCS eliminates the fears and delays that accompany trying to run an organization in an unsecured environment, and ensures that our customers focus on
More informationA Guide to the Cyber Essentials Scheme
A Guide to the Cyber Essentials Scheme Published by: CREST Tel: 0845 686-5542 Email: admin@crest-approved.org Web: http://www.crest-approved.org/ Principal Author Jane Frankland, Managing Director, Jane
More informationCyber Security Metrics Dashboards & Analytics
Cyber Security Metrics Dashboards & Analytics Feb, 2014 Robert J. Michalsky Principal, Cyber Security NJVC, LLC Proprietary Data UNCLASSIFIED Agenda Healthcare Sector Threats Recent History Security Metrics
More informationCYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY
CYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY INTRODUCTION Information security has evolved. As the landscape of threats increases and cyber security 1 management becomes
More informationService Definition Document
Service Definition Document QinetiQ Secure Cloud Protective Monitoring Service (AWARE) QinetiQ Secure Cloud Protective Monitoring Service (DETER) Secure Multi-Tenant Protective Monitoring Service (AWARE)
More informationBusiness Continuity Policy
Business Continuity Policy St Mary Magdalene Academy V1.0 / September 2014 Document Control Document Details Document Title Document Type Business Continuity Policy Policy Version 2.0 Effective From 1st
More informationBusiness Case Outsourcing Information Security: The Benefits of a Managed Security Service
Business Case Outsourcing Information Security: The Benefits of a Managed Security Service seccuris.com (866) 644-8442 Contents Introduction... 3 Full- Time Experts vs. a Part- Time In- House Staff...
More informationSTATE OF ARIZONA Department of Revenue
STATE OF ARIZONA Department of Revenue Douglas A. Ducey Governor September 25, 2015 David Raber Director Debra K. Davenport, CPA Auditor General Office of the Auditor General 2910 North 44 th Street, Suite
More informationDETECT AND RESPOND TO THREATS FROM THE DATA CENTER TO THE CLOUD
SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH DETECT AND RESPOND TO THREATS FROM THE DATA CENTER TO THE CLOUD Protecting your infrastructure requires you to detect threats, identify suspicious
More informationNetwork Security and Vulnerability Assessment Solutions
Network Security and Vulnerability Assessment Solutions Unified Vulnerability Management It s a known fact that the exponential growth and successful exploitation of vulnerabilities create increasingly
More informationDCIM Software and IT Service Management - Perfect Together DCIM: The Physical Heart of ITSM
1 Overview Information Technology is so fundamental to every business today that every organization needs to establish formal processes to ensure that IT services are continually aligned to the business,
More informationSimply Sophisticated. Information Security and Compliance
Simply Sophisticated Information Security and Compliance Simple Sophistication Welcome to Your New Strategic Advantage As technology evolves at an accelerating rate, risk-based information security concerns
More informationLogInspect 5 Product Features Robust. Dynamic. Unparalleled.
LogInspect 5 Product Features Robust. Dynamic. Unparalleled. Enjoy ultra fast search capabilities in simple and complex modes optimized for Big Data Easily filter and display relevant topics, eg: Top 10
More informationState of Oregon. State of Oregon 1
State of Oregon State of Oregon 1 Table of Contents 1. Introduction...1 2. Information Asset Management...2 3. Communication Operations...7 3.3 Workstation Management... 7 3.9 Log management... 11 4. Information
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationNERC Cyber Security. Compliance Consulting. Services. HCL Governance, Risk & Compliance Practice
NERC Cyber Security Compliance Consulting Services HCL Governance, Risk & Compliance Practice Overview The North American Electric Reliability Corporation (NERC) is a nonprofit corporation designed to
More informationProving Control of the Infrastructure
WHITE paper The need for independent detective controls within Change/Configuration Management page 2 page 3 page 4 page 6 page 7 Getting Control The Control Triad: Preventive, Detective and Corrective
More informationTotal Protection for Compliance: Unified IT Policy Auditing
Total Protection for Compliance: Unified IT Policy Auditing McAfee Total Protection for Compliance Regulations and standards are growing in number, and IT audits are increasing in complexity and cost.
More informationBusiness Continuity Management Software
Business Continuity Management (BCM) Software 1 Business Continuity Management Software All In One Continuity Management Solution A Single Platform Approach Manage entire lifecycle with comprehensive BC
More informationLogPoint 5.1 Product Features Robust. Dynamic. Unparalleled.
LogPoint 5.1 Product Features Robust. Dynamic. Unparalleled. LOGPOINT Enjoy ultra fast search capabilities in simple and complex modes optimized for Big Data Easily filter and display relevant topics,
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationOpen Source Business Rules Management System Enables Active Decisions
JBoss Enterprise BRMS Open Source Business Rules Management System Enables Active Decisions What is it? JBoss Enterprise BRMS provides an open source business rules management system that enables active
More informationInnovation in Work Health and Safety Solutions
Innovation in Work Health and Safety Solutions Global Resources... Local Knowledge NTT DATA Figtree Systems provide an intuitive cloud based WHS / OH&S reporting and management tool, assisting
More informationInformation Security in Business: Issues and Solutions
Covenant University Town & Gown Seminar 2015 Information Security in Business: Issues and Solutions A Covenant University Presentation By Favour Femi-Oyewole, BSc, MSc (Computer Science), MSc (Information
More informationPASTA Abstract. Process for Attack S imulation & Threat Assessment Abstract. VerSprite, LLC Copyright 2013
2013 PASTA Abstract Process for Attack S imulation & Threat Assessment Abstract VerSprite, LLC Copyright 2013 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
More informationCompliance and Governance
Compliance and Governance Compliance and Governance Governance is concerned with accountability and responsibility in terms of the standards that are used to direct and control an IS department. The wave
More informationDigi Device Cloud: Security You Can Trust
Digi Device Cloud: Security You Can Trust Abstract Historically, security has oftentimes been an afterthought or a bolt-on to any engineering product. In today s markets, however, security is taking a
More informationLot 1 Service Specification MANAGED SECURITY SERVICES
Lot 1 Service Specification MANAGED SECURITY SERVICES Fujitsu Services Limited, 2013 OVERVIEW OF FUJITSU MANAGED SECURITY SERVICES Fujitsu delivers a comprehensive range of information security services
More informationTenable Enterprise Product Training
Tenable Enterprise Product Training Tenable Unified Security Monitoring for Analysts (5MD) This hands-on instructor led course provides security analysts with the skills and knowledge necessary to discover
More informationQRadar SIEM 6.3 Datasheet
QRadar SIEM 6.3 Datasheet Overview Q1 Labs flagship solution QRadar SIEM is unrivaled in its ability to provide an organization centralized IT security command and control. The unique capabilities of QRadar
More informationTEC Capital Asset Management Standard January 2011
TEC Capital Asset Management Standard January 2011 TEC Capital Asset Management Standard Tertiary Education Commission January 2011 0 Table of contents Introduction 2 Capital Asset Management 3 Defining
More informationWhat s New in Security Analytics 10.4. Be the Hunter.. Not the Hunted
What s New in Security Analytics 10.4 Be the Hunter.. Not the Hunted Attackers Are Outpacing Detection Attacker Capabilities Time To Discovery Source: VERIZON 2014 DATA BREACH INVESTIGATIONS REPORT 2 TRANSFORM
More informationPATCH MANAGEMENT. February 2008. The Government of the Hong Kong Special Administrative Region
PATCH MANAGEMENT February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationFirewall Administration and Management
Firewall Administration and Management Preventing unauthorised access and costly breaches G-Cloud 5 Service Definition CONTENTS Overview of Service... 2 Protects Systems and data... 2 Optimise firewall
More informationMeasuring The Value of Information Security. Maninder Bharadwaj manbharadwaj@deloitte.com 23 th July 2011
Measuring The Value of Information Security Maninder Bharadwaj manbharadwaj@deloitte.com 23 th July 2011 Current Challenges Organisations are facing In many service organizations, clients realize that
More informationAutomating ITIL v3 Event Management with IT Process Automation: Improving Quality while Reducing Expense
Automating ITIL v3 Event Management with IT Process Automation: Improving Quality while Reducing Expense An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for NetIQ November 2008 IT Management
More informationInfor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security
Technical Paper Plain talk about security When it comes to Cloud deployment, security is top of mind for all concerned. The Infor CloudSuite team uses best-practice protocols and a thorough, continuous
More informationUNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS ADMINISTRATION TOOLS NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY
UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS ADMINISTRATION TOOLS NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY ADMINISTRATION TOOLS Stormshield Network Security solutions simplify
More informationWhite Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA
White Paper Achieving GLBA Compliance through Security Information Management White Paper / GLBA Contents Executive Summary... 1 Introduction: Brief Overview of GLBA... 1 The GLBA Challenge: Securing Financial
More informationEcom Infotech. Page 1 of 6
Ecom Infotech Page 1 of 6 Page 2 of 6 IBM Q Radar SIEM Intelligence 1. Security Intelligence and Compliance Analytics Organizations are exposed to a greater volume and variety of threats and compliance
More informationTenzing Security Services and Best Practices
Tenzing Security Services and Best Practices OVERVIEW Security is about managing risks and threats to your environment. The most basic security protection is achieved by pro-actively monitoring and intercepting
More information<risk> Enterprise Risk Management
Global Resources... Local Knowledge is vital in supporting business continuity across diverse and challenging environments and operating models. By consolidating risk management activities into a single,
More informationADDING NETWORK INTELLIGENCE TO VULNERABILITY MANAGEMENT
ADDING NETWORK INTELLIGENCE INTRODUCTION Vulnerability management is crucial to network security. Not only are known vulnerabilities propagating dramatically, but so is their severity and complexity. Organizations
More informationHP and netforensics Security Information Management solutions. Business blueprint
HP and netforensics Security Information Management solutions Business blueprint Executive Summary Every day there are new destructive cyber-threats and vulnerabilities that may limit your organization
More informationImproving residual risk management through the use of security metrics
Improving residual risk management through the use of security metrics Jonathan Pagett Technical Report RHUL MA 2010 08 31st March 2010 Department of Mathematics Royal Holloway, University of London Egham,
More informationALERT LOGIC FOR HIPAA COMPLIANCE
SOLUTION OVERVIEW: ALERT LOGIC FOR HIPAA COMPLIANCE AN OUNCE OF PREVENTION IS WORTH A POUND OF CURE Alert Logic provides organizations with the most advanced and cost-effective means to secure their healthcare
More informationWe help companies operate responsibly and sustainably, grow with a clear understanding of strategic risk and
SOX Compliance We help companies operate responsibly and sustainably, We help companies operate responsibly and sustainably, grow with a clear understanding of strategic risk and grow with a clear understanding
More information