Accenture Cyber Security Transformation. October 2015
|
|
- Clinton Johnson
- 8 years ago
- Views:
Transcription
1 Accenture Cyber Security Transformation October 2015
2 Today s Presenter Antti Ropponen, Nordic Cyber Defense Domain Lead Accenture Nordics Antti is a leading consultant in Accenture's security consulting practice. His role is to lead Accenture's Cyber Defense domain in the Nordics. He has over 10 years of experience in delivering security solutions to different customer segments from strategic to technical perspectives. He has been a responsible and a delivery lead in multiple security transformation programs as well as large scale identity and access management (IAM) and security analytics delivery projects. 2
3 Accenture Security and our Nordic practice Nordic Security Prac/ce Nordic Security Team: 140+ Globally: (500+ from GDN) Service areas: Assess and Architect Digital IdenCty Cyber Defense Managed Security Emerging Technology Security 3
4 Today s Topic Q: How to transform Cyber Security? 4
5 The Cyber Security Challenge Organizations struggle to manage threats to their business Scaling Defenses is a struggle Compliance is simply not enough A reactive security incident management is overwhelming Threats from downstream supply chain are difficult to manage 5
6 Our Approach Q: How to transform Cyber Security? Focus on what matters most Reduce the frequency and impact of threats Demonstrate measurable business value 6
7 Our Approach Q: How to transform Cyber Security? Focus on what matters most Reduce the frequency and impact of threats Demonstrate measurable business value 7
8 Opportunity Areas for Transforming Cyber Security High performing organizations maximize the value of their Cyber Security investment by developing strong Cyber Security capabilities that are well-aligned with business needs. Focus areas: Well Aligned Assessing and standardizing existing capabilities Decommissioning redundant systems FRAGMENTED Redundant processes and technologies implemented throughout the organization Custom solutions often baked in to infrastructure OPTIMIZED Rationalized cyber security services optimized for business needs High levels of integration of capabilities across the organization Focus areas: Evaluating emerging technologies Strategy & release planning Evaluating cost containment tactics Focus areas: Business Alignment Program mobilization and capability planning Building out Cyber Security core services UNSTRUCTURED Lack of focus and priority by business and IT leadership Limited Cyber Security capabilities based on inadequate solutions MISALIGNED Over-engineered solutions Poorly defined and/or complex IR processes Heavy infrastructure, and limited application focus Focus areas: Process reengineering Functionality enhancements Communications, training, and awareness Loosely Aligned Immature Cyber Security Capability Mature 8
9 Defining Cyber Security Operating Model Overview A Cyber Security Operating Model describes the capabilities and processes needed for an effective Cyber Security program Vulnerability Management Vulnerability Identification Vulnerability Prioritization and Reporting Remediation Tracking Foundational Prepare, Detect, and Respond Operational Monitoring Security Monitoring Compliance Monitoring Event Triage Prioritization and Reporting Log Management Security Incident Management Identification and Triage Response Forensic Analysis Recovery Communication Threat Intelligence Threat Modeling Intelligence Gathering Threat Analysis Intelligence Exchange Supporting Functions Contextual Prioritize and Predict Advanced Security Analytics Data Collection and Enrichment Operational Normalization Data Visualization Algorithmic Data Modeling Data Quality Management Adaptive Automate Active Defense Automation Containment Confusion Disruption Govern Integrate Manage Improve Log Management Events Data Collection and Enrichment Data Quality Management Vulnerability Identification Vulnerability Context Security Monitoring Compliance Monitoring Operationalize Analytics Advanced Security Analytics Vulnerability Management Operational Normalization Algorithmic Data Modeling Data Visualization Vulnerability Prioritization and Reporting Threat Intelligence Operational Monitoring Event Triage Threat Intelligence Cyber Security Governance Threat Modeling Remediation Tracking Prioritization and Reporting Intelligence Gathering Triggers Alerts Focused Monitoring Requests Threat Intelligence Intelligence Gathering Intelligence Exchange Threat Analysis Service Performance Management Continuous Improvement Identification and Triage Threat Intelligence Response Automation Vulnerability Context Security Incident Management Forensic Analysis Communication Incidents Active Defense Recovery Containment Confusion Disruption 9
10 Our View: Many clients are at contextual awareness point in their Cyber Security journey A typical Cyber Security journey will help organizations gain control, reduce threats, and then drive additional value to the business. Most Organizations today should be already at the contextual awareness point of this journey. Foundational Capabilities Objective Establish capabilities to enable detection and response to known attack vectors Contextual Awareness Objective Develop deep contextualization of security events, uncover advanced threats early Adaptive Threat Management Objective Deploy a flexible control model to proactively deter attacks by increasing the attacker s cost CAPABILITIES CAPABILITIES CAPABILITIES Define core metrics for program success Form security operations center (SOC) and incident response (IR) teams Develop incident response processes and procedures Collect system logs and network traffic Develop vulnerability management and threat intelligence capabilities Secure business application development Supplement SOC with breach hunters looking to identify early- stage attacks Deploy a big data advanced analytics platform Supplement SOC with data science capabilities Optimize SOC based upon performance metrics Orchestrate and automate responses Share threat intelligence information 10
11 Our Approach Q: How to transform Cyber Security? Focus on what matters most Reduce the frequency and impact of threats Demonstrate measurable business value 11
12 Understanding of previous decisions and their effects Scientific method approach to operational awareness Ability to respond more effectively improve real-time operational capabilities Value Data-driven & tested decision-making Continual process improvement opportunity Solution Analytical Security (how, why, what else, what might?) Technical Enablers Big Data Capabilities Cheap, scalable, schema-less storage Computing power for processing across data types Distributed computing power Security Analytics Capability Model Business Driver Current security offerings focus on the what happened or what s going on now questions of security. Security practitioners need to be able to answer the how, why, what else, and what might questions. 12
13 Our Approach Q: How to transform Cyber Security? Focus on what matters most Reduce the frequency and impact of threats Demonstrate measurable business value 13
14 The Business Value Model provides the ability to communicate technical capability and performance in business language The Business Value Model demonstrates how information security enables, supports and aligns with business goals and objectives and provides two-way traceability from business requirements to technical controls and back Cyber Security Business Value Model Business Strategy Opportunities and Threats Business Processes Compliance Drivers Business Requirements Business Drivers for Security Business Attributes Taxonomy Threat & Risk Models Metrics Cyber Security Operational Management 14
15 Case Study: A Large Financial Services Company in the Nordics 15
16 Case Study: Security transformation program for a large financial services company Security transformation program has helped our client to define security baseline, adopt constant development mindset, seek effectiveness/cost savings from security related systems and processes that support business strategy. Nov 15 Priorities Strategy and assessment Security business value Aug 2014 Apr 2014 Jun 2014 Centralized SIEM/log management IDM assessment IDM transformation & development IDM capabilities and gaps Sep 2014 Security capability assessment & business case Dec 2014 Nov 2014 Assessment results: Baseline Developme nt areas Sec capabilities as-is and to-be Industry related threats Mar 15 SIEM/Log Log management 1 st 2 nd go live management go live (extensions) Apr 15 Security transformation program kickoff (H1/15) Jun 15 Security transformation program first deliverables IVM/AVM pilot Employee security awareness Asset management Jun 15 Dedicated program for sec transformation Long term constant development Log management 3 rd go live (extensions) Jul 15 Security transformation program (H2/15): Business case renewal Extended enterprise IAM Oct 15 Security transformation program: Results Security transformation program: Application security Security as a Service extension Cloud strategy alignment with sec considerations Strategic sec investments Design and implement Operate IDM quick wins Remediate Key Audit items SIEM/log mgmt capabilities improvement Assess Threats for compliance and Vulnerabilities Implement technical controls to secure business New SOC features Final Log Opportunity source extensions to lower (pilot) the overall cost Implement Security capabilities IDM: effectiveness, to Enable cost the savings, identity management process enhancement, user satisfaction business SIEM/Log management : strategic integration roadmap, improved audit compliance, SOC/SIEM capabilities and models 16
17 Next Steps 17
18 Next Steps We can help organizations understand their existing Cyber Security capabilities and evaluate their change initiatives to develop a value-driven transformation roadmap and help driving that journey Cyber Security Capability Maturity Model Understand Maturity & Ensure Full Leverage Cyber Security Project Business Case Assessment Business Value Quick Win Project B Project C Strategic Project A Project D Maximize Cost-to-Serve & Business Value A value driven transformation roadmap provides a comprehensive list of prioritized change initiatives that enable an organization to deliver incremental value Quick Win Misaligned Investment 18
19 Thank you! 19
20 Accenture Cyber Defense Services Accenture Cyber Defense services enable our clients to detect, respond, and recover from cyber security attacks. We provide a full lifecycle of services built around a proven operating model and solution architecture. Capability Model Service Delivery Journey Cyber Defense Prepare Transform Run Threat Intelligence Cyber Security Capability Maturity Assessment Cyber Defense Rapid Deployment Kit Managed Cyber Defense Vulnerability Management Indicator of Compromise Discovery Service Cyber Defense Process Engineering and Technology Deployment Operational Monitoring Penetration Testing Cyber Incident Response Advanced Security Analytics Vulnerability Assessment Security Incident Response Technology Architecture Health Check 20
Accenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges
Accenture Intelligent Security for the Digital Enterprise Archer s important role in solving today's pressing security challenges The opportunity to improve cyber security has never been greater 229 2,287
More informationIntelligence Driven Security
Intelligence Driven Security RSA Advanced Cyber Defense Workshop Shane Harsch Senior Solutions Principal, RSA 1 Agenda Approach & Activities Operations Intelligence Infrastructure Reporting & Top Findings
More informationCybersecurity The role of Internal Audit
Cybersecurity The role of Internal Audit Cyber risk High on the agenda Audit committees and board members are seeing cybersecurity as a top risk, underscored by recent headlines and increased government
More informationRelease of the Draft Cybersecurity Procurement Language for Energy Delivery Systems
Release of the Draft Cybersecurity Procurement Language for Energy Delivery Systems Energy Sector Control Systems Working Group Supporting the Electricity Sector Coordinating Council, Oil & Natural Gas
More informationManaging Open Source Code Best Practices
Managing Open Source Code Best Practices September 24, 2008 Agenda Welcome and Introduction Eran Strod Open Source Best Practices Hal Hearst Questions & Answers Next Steps About Black Duck Software Accelerate
More informationAT&T Global Network Client for Windows Product Support Matrix January 29, 2015
AT&T Global Network Client for Windows Product Support Matrix January 29, 2015 Product Support Matrix Following is the Product Support Matrix for the AT&T Global Network Client. See the AT&T Global Network
More informationCYBER SECURITY, A GROWING CIO PRIORITY
www.wipro.com CYBER SECURITY, A GROWING CIO PRIORITY Bivin John Verghese, Practitioner - Managed Security Services, Wipro Ltd. Contents 03 ------------------------------------- Abstract 03 -------------------------------------
More informationAdvanced SOC Design. Next Generation Security Operations. Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA
Advanced SOC Design Next Generation Security Operations Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA 1 ! Why/How security investments need to shift! Key functions of a Security Operations
More informationCertified Identity and Access Manager (CIAM) Overview & Curriculum
Identity and access management (IAM) is the most important discipline of the information security field. It is the foundation of any information security program and one of the information security management
More informationBecome a hunter: fi nding the true value of SIEM.
Become a hunter: fi nding the true value of SIEM. When Security Information and Event Management (SIEM) hit the security scene, it was heralded as a breakthrough in threat detection. However, SIEM is just
More informationBREAKING THE KILL CHAIN AN EARLY WARNING SYSTEM FOR ADVANCED THREAT
BREAKING THE KILL CHAIN AN EARLY WARNING SYSTEM FOR ADVANCED THREAT Rashmi Knowles RSA, The Security Division of EMC Session ID: Session Classification: SPO-W07 Intermediate APT1 maintained access to
More informationVulnerability Management
Vulnerability Management Buyer s Guide Buyer s Guide 01 Introduction 02 Key Components 03 Other Considerations About Rapid7 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems and other
More informationThreat Intelligence: The More You Know the Less Damage They Can Do. Charles Kolodgy Research VP, Security Products
Threat Intelligence: The More You Know the Less Damage They Can Do Charles Kolodgy Research VP, Security Products IDC Visit us at IDC.com and follow us on Twitter: @IDC 2 Agenda Evolving Threat Environment
More informationCONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL
CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL WHAT IS CDM? The continuous stream of high profile cybersecurity breaches demonstrates the need to move beyond purely periodic, compliance-based approaches to
More informationDealing with Big Data in Cyber Intelligence
Dealing with Big Data in Cyber Intelligence Greg Day Security CTO, EMEA, Symantec Session ID: HT-303 Session Classification: General Interest What will I take away from this session? What is driving big
More informationNICE and Framework Overview
NICE and Framework Overview Bill Newhouse NIST NICE Leadership Team Computer Security Division Information Technology Lab National Institute of Standards and Technology TABLE OF CONTENTS Introduction to
More informationMike Smart Cyber Strategist & Enterprise Security Solutions, EMEA. Cyber: The Catalyst to Transform the Security Program
Cyber: The Catalyst to Transform the Security Program Mike Smart Cyber Strategist & Enterprise Security Solutions, EMEA A Common Language? Hyper Connected World Rapid IT Evolution Agile Targeted Threat
More informationGETTING REAL ABOUT SECURITY MANAGEMENT AND "BIG DATA"
GETTING REAL ABOUT SECURITY MANAGEMENT AND "BIG DATA" A Roadmap for "Big Data" in Security Analytics ESSENTIALS This paper examines: Escalating complexity of the security management environment, from threats
More informationEnterprise Security Tactical Plan
Enterprise Security Tactical Plan Fiscal Years 2011 2012 (July 1, 2010 to June 30, 2012) Prepared By: State Chief Information Security Officer The Information Security Council State of Minnesota Enterprise
More informationAdvanced Threat Protection with Dell SecureWorks Security Services
Advanced Threat Protection with Dell SecureWorks Security Services Table of Contents Summary... 2 What are Advanced Threats?... 3 How do advanced threat actors operate?... 3 Addressing the Threat... 5
More informationPALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management
PALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management INTRODUCTION Traditional perimeter defense solutions fail against sophisticated adversaries who target their
More informationRedefining Incident Response
Redefining Incident Response How to Close the Gap Between Cyber-Attack Identification and Remediation WHITE PAPER - How to Close the Gap Between Cyber-Attack Identification and Remediation 1 Table of Contents
More informationCisco Security Optimization Service
Cisco Security Optimization Service Proactively strengthen your network to better respond to evolving security threats and planned and unplanned events. Service Overview Optimize Your Network for Borderless
More informationBe Prepared. For Anything. Cyber Security - Confronting Current & Future Threats The role of skilled professionals in maintaining cyber resilience
Cyber Security - Confronting Current & Future Threats The role of skilled professionals in maintaining cyber resilience Mike O Neill Managing Director Graeme McGowan Associate Director of Cyber Security
More informationCybersecurity and internal audit. August 15, 2014
Cybersecurity and internal audit August 15, 2014 arket insights: what we are seeing so far? 60% of organizations see increased risk from using social networking, cloud computing and personal mobile devices
More informationCYBER SECURITY SERVICES PWNED
CYBER SECURITY SERVICES PWNED Jens Thonke Capital Market Day 16 Sept 2015 1 AGENDA Cyber Security Services in brief Market overview and key trends Offering and channels Competition Enabling growth Performance
More informationOperational Lessons from the RSA/EMC CIRC: People, Process, & Threat Intel
Operational Lessons from the RSA/EMC CIRC: People, Process, & Threat Intel @Ben_Smith Ben Smith, CISSP Field CTO (US East), Security Portfolio A Security Maturity Path CONTROLS COMPLIANCE IT RISK BUSINESS
More informationSecurity Services. A Solution for Providing BPM of Security Services within the Enterprise Environment.
Security Services A Solution for Providing BPM of Security Services within the Enterprise Environment. First steps towards Next Generations Operations (OPS) to drive Gross Margin Dear security colleagues,
More informationIncrease insight. Reduce risk. Feel confident.
Increase insight. Reduce risk. Feel confident. Define critical goals with enhanced visibility then enable security and compliance across your complex IT infrastructure. VIRTUALIZATION + CLOUD NETWORKING
More informationAdvanced Threats: The New World Order
Advanced Threats: The New World Order Gary Lau Technology Consulting Manager Greater China gary.lau@rsa.com 1 Agenda Change of Threat Landscape and Business Impact Case Sharing Korean Incidents EMC CIRC
More informationAttack Intelligence: Why It Matters
Attack Intelligence: Why It Matters WHITE PAPER Core Security +1 617.399-6980 info@coresecurity.com www.coresecurity.com A Proactive Strategy Attacks against your organization are more prevalent than ever,
More informationCyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.
Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control
More informationInternal audit of cybersecurity. Presentation to the Atlanta IIA Chapter January 2015
Internal audit of cybersecurity Presentation to the Atlanta IIA Chapter January 2015 Agenda Executive summary Why is this topic important? Cyber attacks: increasing complexity arket insights: What are
More informationCYBER AND IT SECURITY: CLOUD SECURITY FINAL SESSION. Architecture Framework Advisory Committee November 4, 2014
CYBER AND IT SECURITY: CLOUD SECURITY FINAL SESSION Architecture Framework Advisory Committee November 4, 2014 1 Agenda TIME TOPICS PRESENTERS 9:00 9:15 Opening Remarks and Introductions Shirley Ivan,
More informationDetecting Anomalous Behavior with the Business Data Lake. Reference Architecture and Enterprise Approaches.
Detecting Anomalous Behavior with the Business Data Lake Reference Architecture and Enterprise Approaches. 2 Detecting Anomalous Behavior with the Business Data Lake Pivotal the way we see it Reference
More informationI D C A N A L Y S T C O N N E C T I O N
I D C A N A L Y S T C O N N E C T I O N Robert Westervelt Research Manager, Security Products T h e R o l e a nd Value of Continuous Security M o nitoring August 2015 Continuous security monitoring (CSM)
More informationIBM QRadar Security Intelligence April 2013
IBM QRadar Security Intelligence April 2013 1 2012 IBM Corporation Today s Challenges 2 Organizations Need an Intelligent View into Their Security Posture 3 What is Security Intelligence? Security Intelligence
More informationThe Analytics Value Chain Key to Delivering Value in IoT
Vitria Operational Intelligence The Value Chain Key to Delivering Value in IoT Dr. Dale Skeen CTO and Co-Founder Internet of Things Value Potential $20 Trillion by 2025 40% 2015 Vitria Technology, Inc.
More informationContinuous Network Monitoring
Continuous Network Monitoring Eliminate periodic assessment processes that expose security and compliance programs to failure Continuous Network Monitoring Continuous network monitoring and assessment
More informationDefending against modern cyber threats
Defending against modern cyber threats Protecting Critical Assets October 2011 Accenture, its logo, and High Performance Delivered are trademarks of Accenture. Agenda 1. The seriousness of today s situation
More informationCase 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138. Exhibit 8
Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138 Exhibit 8 Case 2:08-cv-02463-ABC-E Document 1-4 Filed 04/15/2008 Page 2 of 138 Domain Name: CELLULARVERISON.COM Updated Date: 12-dec-2007
More informationTECHNOLOGY IT ROADMAP SERVICE CORE
BE FREE BE FREE OF TECHNOLOGY IT ROADMAP SERVICE CORE TALK TO OUR EXPERTS 1.877.222.8615 www.bestit.com WHY GET AN IT ROADMAP? Enterprise competitive performance is a critical differentiator in today s
More informationObtaining Enterprise Cybersituational
SESSION ID: SPO-R06A Obtaining Enterprise Cybersituational Awareness Eric J. Eifert Sr. Vice President Managed Security Services DarkMatter Agenda My Background Key components of the Cyber Situational
More informationBig Data, Big Risk, Big Rewards. Hussein Syed
Big Data, Big Risk, Big Rewards Hussein Syed Discussion Topics Information Security in healthcare Cyber Security Big Data Security Security and Privacy concerns Security and Privacy Governance Big Data
More informationCOMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*
COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) 2 Fixed Rates Variable Rates FIXED RATES OF THE PAST 25 YEARS AVERAGE RESIDENTIAL MORTGAGE LENDING RATE - 5 YEAR* (Per cent) Year Jan Feb Mar Apr May Jun
More informationCOMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*
COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) 2 Fixed Rates Variable Rates FIXED RATES OF THE PAST 25 YEARS AVERAGE RESIDENTIAL MORTGAGE LENDING RATE - 5 YEAR* (Per cent) Year Jan Feb Mar Apr May Jun
More informationBest Practices to Improve Breach Readiness
Best Practices to Improve Breach Readiness Dr. Robert W. Griffin Chief Security Architect RSA, the Security Division of EMC http://blog.emc2.de/trust-security @RobtWesGriffin 1 Security Breaches 2 Security
More information2011 Forrester Research, Inc. Reproduction Prohibited
1 2011 Forrester Research, Inc. Reproduction Prohibited Information Security Metrics Present Information that Matters to the Business Ed Ferrara, Principal Research Analyst July 12, 2011 2 2009 2011 Forrester
More informationCenters of Academic Excellence in Cyber Security (CAE-C) Knowledge Units Review
Centers of Academic Excellence in Cyber Security (CAE-C) Knowledge Units Review Review Process The Knowledge Unit (KU) Review Calendar divides the entire CAE-C KU list into 12 months for the purposes of
More informationRSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief
RSA Solution Brief RSA envision Platform Real-time Actionable Information, Streamlined Incident Handling, Effective Measures RSA Solution Brief The job of Operations, whether a large organization with
More informationOvercoming Five Critical Cybersecurity Gaps
Overcoming Five Critical Cybersecurity Gaps How Active Threat Protection Addresses the Problems that Security Technology Doesn t Solve An esentire White Paper Copyright 2015 esentire, Inc. All rights reserved.
More informationCommittee of the Whole. January 22, 2014
Committee of the Whole January 22, 2014 Drivers for 2003 IT Outsourcing Cost savings - privatization model ($2- $3MM/year) Cost avoidance Data center lease with County expiring ($3.5MM) Disaster recovery
More informationARIS 9ARIS 9.6 map and Future Directions Die nächste Generation des Geschäftsprozessmanagements
ARIS 9ARIS 9.6 map and Future Directions Die nächste Generation des Geschäftsprozessmanagements Dr. Katrina Simon ARIS Product Management 2014 Software AG. All rights reserved. ARIS @ Software AG 2M END
More informationEnterprise Organizations Need Contextual- security Analytics Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst
ESG Brief Enterprise Organizations Need Contextual- security Analytics Date: October 2014 Author: Jon Oltsik, Senior Principal Analyst Abstract: Large organizations have spent millions of dollars on security
More informationProject Update December 2, 2008 2008 Innovation Grant Program
Tri-University Vulnerability Scanning/Management Solution Project Update December 2, 2008 2008 Innovation Grant Program 1 Project Summary This grant application is part of a previous project report presented
More informationSonata Managed Application Lifecycle Services
Sonata Managed Application Lifecycle Services Leveraging IT to Deliver Growth-Centric Business Transformation Make IT an Enabler of Your Business with the Right Partner In today s complex and ever-changing
More informationThreat Intelligence: An Essential Component of Cyber Incident Response. Jeanie M Larson, CISSP-ISSMP, CISM, CRISC
Threat Intelligence: An Essential Component of Cyber Incident Response Jeanie M Larson, CISSP-ISSMP, CISM, CRISC What are we going to cover? Setting the Stage Why is Incident Response Critical? Cyber Threat
More informationWHITE PAPER SPLUNK SOFTWARE AS A SIEM
SPLUNK SOFTWARE AS A SIEM Improve your security posture by using Splunk as your SIEM HIGHLIGHTS Splunk software can be used to operate security operations centers (SOC) of any size (large, med, small)
More informationSession 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness
Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness Wayne A. Wheeler The Aerospace Corporation GSAW 2015, Los Angeles, CA, March 2015 Agenda Emerging cyber
More informationwith Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief
RSA Solution Brief Streamlining Security Operations with Managing RSA the Lifecycle of Data Loss Prevention and Encryption RSA envision Keys with Solutions RSA Key Manager RSA Solution Brief 1 Who is asking
More informationThe Value of Vulnerability Management*
The Value of Vulnerability Management* *ISACA/IIA Dallas Presented by: Robert Buchheit, Director Advisory Practice, Dallas Ricky Allen, Manager Advisory Practice, Houston *connectedthinking PwC Agenda
More information5 TIPS FOR MAXIMIZING THE VALUE OF YOUR SECURITY ASSESSMENT
5 5 TIPS FOR MAXIMIZING THE VALUE OF YOUR SECURITY ASSESSMENT 1 Anatomy of a Security Assessment With data breaches making regular headlines, it s easy to understand why information security is critical.
More informationNetwork Security Roadmap. February 15, 2011
Network Security Roadmap February 15, 2011 Awareness Spyware The IT Security landscape Malware Stopit Global Threats DDoS cookies DMCA Notifications Forensics FERPA botnets Policy Laws & Regulation keystroke
More informationValue to the Mission. FEA Practice Guidance. Federal Enterprise Architecture Program Management Office, OMB
Value to the Mission FEA Practice Guidance Federal Enterprise Program Management Office, OMB November 2007 FEA Practice Guidance Table of Contents Section 1: Overview...1-1 About the FEA Practice Guidance...
More information1 Introduction... 2 2 Product Description... 3 3 Strengths and Challenges... 5 4 Copyright... 5
KuppingerCole Report EXECUTIVE VIEW by Alexei Balaganski May 2015 is a business-critical application security solution for SAP environments. It provides a context-aware, secure and cloud-ready platform
More informationRSA Archer Risk Intelligence
RSA Archer Risk Intelligence Harnessing Risk to Exploit Opportunity June 4, 2014 Steve Schlarman GRC Strategist 1 Risk and Compliance Where is it today? 2 Governance, Risk, & Compliance Today 3 4 A New
More informationFireScope + ServiceNow: CMDB Integration Use Cases
FireScope + ServiceNow: CMDB Integration Use Cases While virtualization, cloud technologies and automation have slashed the time it takes to plan and implement new IT services, enterprises are still struggling
More informationADVANCED PERSISTENT THREATS & ZERO DAY ATTACKS
ADVANCED PERSISTENT THREATS & ZERO DAY ATTACKS AN INFORMATION SECURITY BATTLEFIELD From Static to Dynamic Defense Cyber Security Strategies, LLC 1 2008-2010 Is The Cyber Tipping Point ESTONIA GEORGIA CABLE
More informationA BUSINESS CASE FOR BEHAVIORAL ANALYTICS. White Paper
A BUSINESS CASE FOR BEHAVIORAL ANALYTICS White Paper Introduction What is Behavioral 1 In a world in which web applications and websites are becoming ever more diverse and complicated, running them effectively
More informationCyber Threat Intelligence Move to an intelligencedriven cybersecurity model
Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance
More informationSolution Briefing. Integrating the LogLogic API with NSN s Remediation & Escalation Mgmt. System
Solution Briefing Integrating the LogLogic API with NSN s Remediation & Escalation Mgmt. System Tim Larson August 2009 Introduction Nokia Siemens Network s environment Company: Leading provider of mobile
More informationIBM SECURITY QRADAR INCIDENT FORENSICS
IBM SECURITY QRADAR INCIDENT FORENSICS DELIVERING CLARITY TO CYBER SECURITY INVESTIGATIONS Gyenese Péter Channel Sales Leader, CEE IBM Security Systems 12014 IBM Corporation Harsh realities for many enterprise
More informationDiscover & Investigate Advanced Threats. OVERVIEW
Discover & Investigate Advanced Threats. OVERVIEW HIGHLIGHTS Introducing RSA Security Analytics, Providing: Security monitoring Incident investigation Compliance reporting Providing Big Data Security Analytics
More informationSITUATIONAL AWARENESS MITIGATE CYBERTHREATS
Gaining the SITUATIONAL AWARENESS needed to MITIGATE CYBERTHREATS Industry Perspective EXECUTIVE SUMMARY To become more resilient against cyberthreats, agencies must improve visibility and understand events
More informationLong Term Data Center Facilities Program
Long Term Data Center Facilities Program ISAC Briefing December 2012 Overview: The Long Term Data Center Facilities Program is an initiative of the approved data center strategic plan to consolidate Citizens
More informationWhite Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA
White Paper Achieving GLBA Compliance through Security Information Management White Paper / GLBA Contents Executive Summary... 1 Introduction: Brief Overview of GLBA... 1 The GLBA Challenge: Securing Financial
More informationReducing the Cardholder Data Footprint
Reducing the Cardholder Data Footprint April 2015 Troy Leach, CTO Welcome to PAYMENTS 2015 PAYMENTS 2015 Mobile App: Check-in, access presentations and complete evaluations on the mobile app. Available
More informationAddress C-level Cybersecurity issues to enable and secure Digital transformation
Home Overview Challenges Global Resource Growth Impacting Industries Address C-level Cybersecurity issues to enable and secure Digital transformation We support cybersecurity transformations with assessments,
More informationBusiness resilience: The best defense is a good offense
IBM Business Continuity and Resiliency Services January 2009 Business resilience: The best defense is a good offense Develop a best practices strategy using a tiered approach Page 2 Contents 2 Introduction
More informationA COMPLETE APPROACH TO SECURITY
A COMPLETE APPROACH TO SECURITY HOW TO ACHEIVE AGILE SECURITY OPERATIONS THREAT WATCH Cyber threats cost the UK economy 27 billion a year 200,000 new threats are identified every day 58% of businesses
More informationPASTA Abstract. Process for Attack S imulation & Threat Assessment Abstract. VerSprite, LLC Copyright 2013
2013 PASTA Abstract Process for Attack S imulation & Threat Assessment Abstract VerSprite, LLC Copyright 2013 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
More informationActionable Security Intelligence: Preparing for the Next Threat with a Proactive Strategy
www.netforensics.com NETFORENSICS WHITE PAPER Actionable Security Intelligence: Preparing for the Next Threat with a Proactive Strategy Contents Executive Summary The Information Security Landscape Security
More informationBigData Analytics per la sicurezza delle Infrastrutture Critiche
BigData Analytics per la sicurezza delle Infrastrutture Critiche Vincenzo Conti IBM Security Sales Consultant Energy and utility organizations are at the forefront of attacks Utilities are among the most
More informationThe Art of Modern Threat Defense. Paul Davis Director, Advanced Threats Security Solution Architects
The Art of Modern Threat Defense Paul Davis Director, Advanced Threats Security Solution Architects January 2016 Goal of Presentation Who Am I A New World of Pain How we are treating the symptoms Silver
More informationASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES
ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES Leonard Levy PricewaterhouseCoopers LLP Session ID: SEC-W03 Session Classification: Intermediate Agenda The opportunity Assuming
More informationUpdate On Smart Grid Cyber Security
Update On Smart Grid Cyber Security Kshamit Dixit Manager IT Security, Toronto Hydro, Ontario, Canada 1 Agenda Cyber Security Overview Security Framework Securing Smart Grid 2 Smart Grid Attack Threats
More informationIntegrating a Big Data Platform into Government:
Integrating a Big Data Platform into Government: Drive Better Decisions for Policy and Program Outcomes John Haddad, Senior Director Product Marketing, Informatica Digital Government Institute s Government
More informationCompliance Guide ISO 27002. Compliance Guide. September 2015. Contents. Introduction 1. Detailed Controls Mapping 2.
ISO 27002 Compliance Guide September 2015 Contents Compliance Guide 01 02 03 Introduction 1 Detailed Controls Mapping 2 About Rapid7 7 01 INTRODUCTION If you re looking for a comprehensive, global framework
More informationThe Five W's of SOC Operations. Kevin Young, @IT3700
The Five W's of SOC Operations Kevin Young, @IT3700 Thank you Todd Thanks to Randall Munroe https://xkcd.com/838/ Overview Introduction Five W s of SOC Operations When do I need a SOC? Readiness What exactly
More informationTHE TOP 4 CONTROLS. www.tripwire.com/20criticalcontrols
THE TOP 4 CONTROLS www.tripwire.com/20criticalcontrols THE TOP 20 CRITICAL SECURITY CONTROLS ARE RATED IN SEVERITY BY THE NSA FROM VERY HIGH DOWN TO LOW. IN THIS MINI-GUIDE, WE RE GOING TO LOOK AT THE
More informationCisco Unified Communications and Collaboration technology is changing the way we go about the business of the University.
Data Sheet Cisco Optimization s Optimize Your Solution using Cisco Expertise and Leading Practices Optimizing Your Business Architecture Today, enabling business innovation and agility is about being able
More informationWAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales
WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion
More informationFIVE PRACTICAL STEPS
WHITEPAPER FIVE PRACTICAL STEPS To Protecting Your Organization Against Breach How Security Intelligence & Reducing Information Risk Play Strategic Roles in Driving Your Business CEOs, CIOs, CTOs, AND
More informationFFIEC Cybersecurity Assessment Tool
Overview In light of the increasing volume and sophistication of cyber threats, the Federal Financial Institutions Examination Council 1 (FFIEC) developed the Cybersecurity Tool (), on behalf of its members,
More informationDataSheet. A complete view of the customer. What is Accanto s icem?
DataSheet icem: A complete view of the customer To overcome the challenges of decreasing margins from voice services, whilst catering for high cost network investments due to high data consumption, Operators
More informationUnified Security, ATP and more
SYMANTEC Unified Security, ATP and more TAKE THE NEXT STEP Martin Werner PreSales Consultant, Symantec Switzerland AG MEET SWISS INFOSEC! 27.01.2016 Unified Security 2 Symantec Enterprise Security Users
More informationSPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles
PNNL-24138 SPSP Phase III Recruiting, Selecting, and Developing Secure Power Systems Professionals: Job Profiles March 2015 LR O Neil TJ Conway DH Tobey FL Greitzer AC Dalton PK Pusey Prepared for the
More informationMaster big data to optimize the oil and gas lifecycle
Viewpoint paper Master big data to optimize the oil and gas lifecycle Information management and analytics (IM&A) helps move decisions from reactive to predictive Table of contents 4 Getting a handle on
More information