Enterprise Security and Risk Management

Transcription

1 Enterprise Security and Risk Management

2 Growth, innovation, efficiency depend on security HP protects what matters Banking Manufacturing Public Sector $9 trillion USD per day Business processes 13 million Citizens per year 2

3 Coleman Parkes Research Security awareness is going in the right direction Security executives are starting to have a seat at the table However, a majority do not have a security strategy in place Security intelligence is on the rise However, reactive measures still dominate resources and budget Information risk strategy adoption 34 % 21 % 45 % Yes No Planning Time Reactive vs proactive Budget reactive proactive 3

4 Coleman Parkes Research Innovation and technology challenges Cloud services can often be secure But awareness of the buyers is often lacking Big data is a big opportunity Provided the data is secure while in use, in transit, at rest Mobility is difficult at many levels But the number of devices, apps, locations keeps growing 4

5 HP presents intelligent security Build it in. Make it intelligent. Protect what matters. Market-leading technology Enterprise perspective Experienced people Choice of delivery models Products Services Hybrid 5

6 HP helps customers move from security to risk management Assess Transform Optimize Manage HP Security Discovery Workshop HP Comprehensive Application Threat Analysis Service HP Data Center Protection Services HP Secure Boardroom A methodical, iterative approach 6

7 The news Embargo until Sept 10

8 Today s announcements Information Security Management HP Security for Public Sector HP Data Center Protection Services Security Operations Data Center Network Application Users & devices HP ArcSight Enterprise Security Manager HP Next Generation Intrusion Prevention Systems HP Information Security PULSE HP Imaging Printing Security Solutions 8

9 HP Security for Public Sector Features Assured Identity new features include identity proofing, privileged user management and federation features. Comprehensive Applications Threat Analysis on Demand now available via the HP Fortify On Demand portal. Security Operations Center Consulting Services provide clients the opportunity to have their own intelligent cybersecurity security operations center designed by HP industry-experienced specialists for their site.* 9 * Not applicable to U.S. Public Sector which has its own security consulting and SOC service Problems it solves Insufficient insight and ability to manage threat posture Continuing escalation of costs driven by identity fraud Vulnerability of applications and data Mounting regulations and budget reductions Customer Benefits Assured Identity Reduction in fraud and improper payments through identity proofing Increased productivity and reduced costs via federation features and as a service delivery option Reduced risk and stronger compliance via privileged user management CATA on Demand Risk and expense reduction through comprehensive early detection Compliance requirements are built into applications Security Operations Center Consulting Services Provides comprehensive view of security control conditions Clients maintain awareness and control over their security operations

10 HP Datacenter Protection Services Features HP Datacenter Protection Service Optimization: HP experts evaluate clients existing physical and logical controls to help improve security effectiveness and maximize operational efficiency. Clients receive actionable recommendations to optimize existing security operations infrastructure and controls, such as security program consolidation or the elimination of unnecessary technology investments. HP Datacenter Governance, Risk and Compliance Readiness Service HP experts analyze the impact of new cybersecurity and privacy regulations. Experts provide recommendations on how to improve governance; risk and compliance practices to address gaps between current and future required controls, helping clients manage risk and reduce costs. HP Datacenter Protection Management Service HP experts evaluate existing security monitoring and management practices to identify issues or opportunities for improvement. Following a comprehensive analysis, HP provides a detailed assessment and roadmap for improving their security monitoring and management. Problem it Solves Too often, security is an afterthought or excluded from an overall data center planning initiatives resulting in operational inefficiencies, compliance issues, new threats and loss of critical data. Furthering this complexity is the introduction of big data, adoption of cloud computing, and mobility expansion. Virtualized environments require an integrated security solution that spans the entire data center, as opposed to siloed, fragmented point-solutions for each system. Customer Benefits Optimization of existing security and governance controls ensures that cost of reducing risk is commensurate with the value of the information and assets. A future state data center t ensures that data privacy and security standards are not violated. Efficient logical and physical threat and vulnerability monitoring and management integrated with overall data center operations to provide a real-time consolidated view of risk leading to quick and efficient resolutions of security events and operation outage conditions. 10

11 HP TippingPoint NX Platform Next Generation IPS Problem it solves Organizations are constantly under attack. Sensitive information is accessed and pulled out of an organization through network connections Performance and configuration become bottlenecks in the enterprises effort to detect and protect their organization Features Based on X-Armour, HP s new break-through architecture First in market to support 16 segments of 10GbE in a 2U form factor A 60% performance increase from prior versions with 13Gbps inspected throughput in the 7100NX Offers pluggable interface modules for easier customization The four available interface modules are: 10GbE with 8 ports (4 segments), 40GbE with 2 ports, 1GbE fiber with 12 ports, 1Gbe copper with 12 port Customer Benefits Protect hybrid environments from a single console Reduces rack space requirements significantly Built to perform in the most demanding data centers with Updated with weekly intelligence from industry leading global researchers This configuration makes the HP NGIPS the best solution for current and next generation data centers where 10GbE networks are typically deployed 11

12 HP ArcSight ESM 6.0c with CORR Engine Problem it solves The large amount of security event data makes it extremely difficult to extract relevant, timely, and actionable information without the ability to quickly analyze Detecting and preventing both internal and external information security risks without the help of advanced log analysis, correlation and reporting is ineffective Features The first ArcSight SIEM software product to use the HP CORR (Correlation Optimized Retention and Retrieval) engine Compared with advanced RDBMS versions, ESM 6.0c offers 300%-500% faster correlation CORR engine provides highly efficient data storage-- up to 20 times less storage--for all SIEM use cases HP ArcSight CORR technology can now be deployed as an appliance and as a software Customer Benefits Reduces threat and risk impacting the enterprise network Reduced cost of security via faster collection/correlation, simplified analysis and more efficient storage Lower cost of compliance via automated regulatory reporting and continuous controls monitoring 12

13 HP Introduces Information Security Pulse Problem it solves Many enterprise organizations do not have visibility into cyber threats and attacks Many enterprise organizations do not realize the extent to which their information may be exposed to exploits, if they are not using HP IPS solutions Features Free access to trending threat and attack data from HP DVLabs Provides geographic-based situational awareness information Provides customizable news feed feature Available for ipad, iphone, Android, WebOS and web Customer Benefits Provides customers with free access to HP Dvlabs proprietary cyber threat data Helps people in security and non-security roles to see and understand the threats and attack trends that may affect their enterprise Helps educate customers about cyber security situational awareness 13

14 HP Imaging and Printing Security Assessment Features HP Imaging and Printing Security Assessment Reviews the entire print environment from a security and compliance perspective Recommends how to maintain and verify compliance with defined security policies Delivers a print security policy unique to the customers environment and risk tolerance HP Access Control for Healthcare Supports Cerner and Meditech ERM systems Provides audit log of who is faxing, scanning, copying, and printing protected patient health information Offers a user one-time sign-on for authentication HP Imaging & Printing Security Center Broader HP device & operating system compatibility Automatically connects supported HP devices upon device install, reboot or reset, and configures them with a customerdefined security policy Powerful password management capabilities, including the ability to automatically set device passwords out-of-box Problem it solves HP Imaging and Printing Security Assessment Prevents risks associated with unattended documents on a printer, data processing from PC to device, and information on hard drives. HP Access Control for Healthcare Need to address print environment security across their fleet. Users require convenient authentication ; on-the-go print solutions HP Imaging & Printing Security Center Challenges with creating a valid security policy Difficulty securing fleet as devices are added, moved, or serviced. Regulations & industry standards require complex compliance Customer Benefits Imaging and Printing Security Assessment Prevents data loss and information leaks and ensure compliance Addresses data lifecycle protection for printing and imaging HP Access Control for Healthcare Reduces costs, eliminates paper waste from unclaimed print jobs Enhances device security and management and improves companywide printing policies HP Imaging & Printing Security Center Guides customers through creating a valid security policy Provides quick & easy deployment of security across the fleet with a single security policy Provides ongoing security monitoring to keep devices compliant 14

15 Thank you