BUILDING A SECURITY PROGRAM THAT PROTECTS AN ORGANIZATION'S MOST CRITICAL ASSETS
- Brian Ferguson
- 8 years ago
1 BUILDING A SECURITY PROGRAM THAT PROTECTS AN ORGANIZATION'S MOST CRITICAL ASSETS
2 ABOUT BEW GLOBAL
- Founded 2002
- Global Service Delivery
- Focused Expertise
- Quality Management
SOLUTION OFFERINGS
- Consulting Services
- Managed Services
- Product Services
- Technical Services
- Security Assessments
- Training Services
3 DATA LOSS PREVENTION EXPERTISE
- Daily Management of 1,000,000+ Users
- Completed 500+ Assessments
- Deployed 400+ DLP Projects
- Manage DLP Solutions in 22 Countries
QUICK FACTS
- Symantec Master Specialization DLP Partner
- RSA's Only Authorized Managed DLP Partner
- 1st Managed DLP Services Provider (2008)
- Localized Chinese DLP Practice (2011)
- Global Support in 130 countries
- Websense Certified TRITONs: More than any other partner, 7 Olympians & 1 Gladiator
4 INTELISECURE MANAGED SERVICES
- Event Management
- Reporting & Metrics
- Application Management
- Incident Triage
- Scope & Policy Governance
IMS POD STRUCTURE
- Information Security Engineer: Technical optimization & health of all system components
- Information Security Analyst: Daily incident event review & workflow management
- Business Analyst: Translate system and event data into reports & analytics
5 WHAT WE WILL COVER TODAY
- Developing the DLP Program
- DLP Use Cases
- How Did They Get There?
- Avoiding Common DLP Pitfalls
- Open Q&A
SYMANTEC DLP COMPONENTS: Endpoint Prevent
Symantec Data Loss Prevention Endpoint Prevent monitors files downloaded to local drives; transferred over email, IM, Web or FTP; copied to USB, CompactFlash, SD, or other removable media; burned to CD/DVD; copied or pasted; captured via Print Screen; and printed or faxed electronically. With Symantec Data Loss Prevention, you can monitor and block:
- Instant messages sent to a partner containing confidential M&A information
- Web mail with product plans attached going to a competitor
- Customer lists being copied to USB or other removable media devices
- Email containing PII sent via hosted security services
- Source code that is copied to a local drive
- Mobile devices for email sent containing confidential data
- Product design documents being burned to CD/DVD
- Price lists being printed or faxed to a competitor
6 CRITICAL ASSET PROTECTION PROGRAM (CAPP)
A Critical Asset Protection Program (CAPP) clearly defines which assets are deemed most important to the organization, based on revenue, income, reputation and core operational impact. Most organizations fail at their Data Loss Protection programs because they never develop a Critical Asset Protection Program with a documented scope.
7 CAPP METHODOLOGY
Most information and network security programs are doomed from their inception by a common pitfall: failing to develop a program scope that is accepted, acknowledged and supported by senior leadership. Through a comprehensive interview and information gathering process, BEW Global and our customers develop a realistic Critical Asset Protection Program Scope that defines the assets and the core attributes of each asset with regard to the following:
- Creation
- Storage
- Usage
- Transmission
8 CAPP CRITICAL ASSET LIFECYCLE MAPPING

Critical Asset Creation
The point in time when the asset is created. This could be the first swipe of a credit card, the initial lines of code for a new application or the acquisition of a new VM cluster. Today, asset creation can be the product of multiple groups or systems, making a laser-focused scope imperative for a successful protection program.

Critical Asset Storage
Once the asset has been created, it is stored. For intangible assets this may be in RAM, on a hard disk, NAS, SharePoint or other types of data storage. Tangible assets like servers, routers or laptops may be racked in a datacenter, placed in a remote office closet or placed on a home office desk.

Critical Asset Use
Mapping the authorized use of the critical asset is very important when developing the Critical Asset Protection Program. Once the authorized usage characteristics of the assets within the CAPP scope are mapped, applying the optimal combination of people, process and technology to protect the critical assets becomes a more manageable endeavor.

Critical Asset Transmission
Assessing how critical asset information is shared within and outside the organization provides key insight into the required protection mechanisms. The transmission vector is used constantly for authorized operations and, in parallel, presents some of the greatest challenges for inadvertent or malicious asset exposure.
9 SAMPLE CAPP PROGRAM SCOPE
Critical Assets Management Concerns:

| Priority | Security Concern | Category | Program Scope Supported Response |
|---|---|---|---|
| 1 | Disclosure of customer and employee PII data | Customer and Employee Data | Symantec Network Discover File Share scanning to gain visibility into storage locations; Symantec Network Monitor monitoring to gain visibility into transmission |
| 2 | Disclosure of PCI data | Customer Data | Symantec Network Discover File Share scanning to gain visibility into storage locations; Symantec Network Monitor monitoring to gain visibility into transmission |
| 3 | Disclosure and unauthorized use of customer ARM Logs | Proprietary Customer Data | Symantec Network Discover File Share scanning to gain visibility into storage locations; Symantec Network Monitor monitoring to gain visibility into transmission |
| 4 | Disclosure of Proprietary and Licensed source code | Intellectual Property | Symantec Network Discover File Share scanning to gain visibility into storage locations; Symantec Network Monitor monitoring to gain visibility into transmission |
10 SAMPLE CAPP PROGRAM SCOPE
Targeted Data Elements:

| Category | Data Element | Description / Requirement | Data Identifiers |
|---|---|---|---|
| Personally Identifiable Information (PII) | Social Security Numbers | The Human Resources, Finance, and Legal departments identified SSN as a key piece of PII to be protected by the Critical Asset Protection Program. SSNs stored on customers and employees | 9 numeric characters |
| Customer Data | TSN [client name] Serial Number | Numbers are assigned to and uniquely identify each [client name] set top box. These numbers are associated to records (ARM logs) collected on each [client name] device containing sensitive customer information. | 15 Digit Hexadecimal number; First 3 digits represent the TSN prefix; The following 11 represent the unit ID; Final digit is a checksum |
| Payment Card Industry Data | Credit Card Numbers | During regular transactions with customers [client name] collects and stores Credit Card Numbers. [client name] is currently categorized as a PCI level 2 vendor but strives for level 1 compliance. | All major national and international credit card vendors |
| Source Code | Copyrighted/proprietary Code | Proprietary source code and copyrighted source code | Adobe Copyright; Broadcom Copyright; Microsoft Copyright; [client name] Copyright |
11 SAMPLE CAPP PROGRAM SCOPE
Service Milestone Timeline:

| Milestone | Description | Target Date |
|---|---|---|
| Data Loss Prevention System Technical Install | Data Loss Prevention system technically installed, tested and prepared to monitor all communications | Complete |
| Critical Asset Protection Program Implemented | Resources in place to manage Critical Asset Protection application, policies, triage incidents, develop analytics, and work with business to remediate events | 07/2013 |
| Critical Asset Protection Program Kick-off | Actively monitor production traffic with first crafted production policies targeted at specific data elements/client information ensuring data is going to the correct clients | 07/2013 |
| Critical Asset Protection System and Program Tuning | Working with the business to review incidents and leverage data to improve policy accuracy within the Critical Asset Protection system | 08/2013 |
| Policy Accuracy Target 90% + | Tuning the Critical Asset Protection policies to the point of 90% or greater accuracy on outbound communications, allowing for initial testing of prevention controls | 09/2013 |
| Blocking Pilot Select User Group | Identification of first user group set-up for blocking or quarantine of unauthorized communications flagged by the DLP system | 09/2013 |
| Blocking Full Production roll-out | Phased roll-out of remaining business units to be included within the blocking and quarantine scope of the Critical Asset Protection system | 09/2013 |
| Phase # 1 Completion | Program in place for constant refinement of policies as the business evolves, communication with business units on violations, business analytics delivered, and unauthorized communications blocked | 09/2013 |
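The data identifiers on slide 10 and the 90% accuracy milestone on slide 11 can be tied together in a small detector. This is an added example, not code from the deck or from any DLP product: it matches the three numeric identifiers and scores a first-draft SSN rule against a tuned one. The regular expressions, the keyword rule, the reading of "accuracy" as the share of flagged messages that are truly in scope, and all sample messages are assumptions constructed for illustration; the slide does not give the TSN checksum algorithm, so the check digit is extracted but not verified.

```python
import re

# Patterns are this example's assumptions, built from the "Data Identifiers" column.
SSN_RE = re.compile(r"(?<![\d-])(\d{3})-?(\d{2})-?(\d{4})(?![\d-])")  # 9 numeric characters
SSN_KEYWORDS = re.compile(r"\b(ssn|social security)\b", re.IGNORECASE)
TSN_RE = re.compile(r"\b([0-9A-F]{3})([0-9A-F]{11})([0-9A-F])\b", re.IGNORECASE)
CARD_RE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")  # 13 to 19 digits
ACCURACY_TARGET = 0.90  # "Policy Accuracy Target 90% +" milestone


def find_ssn(text, tuned=False):
    """First draft: any 9-digit identifier. Tuned: drop never-issued ranges
    and require an SSN keyword somewhere in the same message."""
    hits = []
    for m in SSN_RE.finditer(text):
        area, group, serial = m.groups()
        if tuned:
            never_issued = (area in ("000", "666") or area >= "900"
                            or group == "00" or serial == "0000")
            if never_issued or not SSN_KEYWORDS.search(text):
                continue
        hits.append(m.group(0))
    return hits


def find_ssn_tuned(text):
    return find_ssn(text, tuned=True)


def find_tsn(text):
    """Split a 15-digit hexadecimal TSN into prefix, unit ID and check digit.
    The checksum algorithm is not on the slide, so it is not verified here."""
    return [{"prefix": m.group(1), "unit_id": m.group(2), "check_digit": m.group(3)}
            for m in TSN_RE.finditer(text)]


def luhn_ok(digits):
    """Luhn check used by the major card brands."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def find_cards(text):
    """Return separator-free card numbers that pass the Luhn check."""
    candidates = (re.sub(r"[ -]", "", m.group(0)) for m in CARD_RE.finditer(text))
    return [c for c in candidates if luhn_ok(c)]


def policy_accuracy(samples, detector):
    """Return (flagged, true positives, missed, accuracy) for labelled samples.
    Accuracy is true positives / flagged (an assumption about the slide's term)."""
    flagged = [truth for text, truth in samples if detector(text)]
    missed = sum(1 for text, truth in samples if truth and not detector(text))
    true_pos = sum(flagged)
    accuracy = true_pos / len(flagged) if flagged else 0.0
    return len(flagged), true_pos, missed, accuracy


# Constructed outbound messages; the flag says whether a real SSN is present.
SAMPLES = [
    ("Onboarding packet for J. Doe, SSN 123-45-6789", True),
    ("Order tracking number 000123456 shipped today", False),
    ("Invoice ref 987654321 attached", False),
    ("Payroll fix: social security number 536221234", True),
    ("Part no. 451223344 back in stock", False),
    ("FYI 212-09-4321 belongs to the new hire", True),
    ("Lunch at noon?", False),
]

if __name__ == "__main__":
    for name, det in (("first draft", find_ssn), ("tuned", find_ssn_tuned)):
        flagged, tp, missed, acc = policy_accuracy(SAMPLES, det)
        verdict = "meets" if acc >= ACCURACY_TARGET else "below"
        print(f"{name}: flagged={flagged} true={tp} missed={missed} "
              f"accuracy={acc:.0%} ({verdict} target)")
    print(find_tsn("ARM log upload for unit 7F200A1B3C4D5E9 failed"))
    print(find_cards("Refund to card 4111 1111 1111 1111, ticket 1234 5678 9012 3456"))
```

The tuned rule reaches the accuracy target but misses one real SSN that was sent without a keyword, which is the trade-off incident review during the tuning phase has to surface.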
12 USE CASE: DLP PRE-PROJECT STATE
- Organization Overview: Manufacturing firm of 30,000 employees operating in 50 countries globally
- DLP Scope: Protection of Intellectual Property (General)
- DLP Primary Issue: Lack of staff and buy-in from business owners who handle critical assets
- Application Management: Most information security tools operated and managed by IT or networks
- Policy Governance: No internal resources with any experience with DLP policy construction
- Incident Triage: Lean staff of Infosec staff already buried by SIEM and other tools output
- Event Management: Informal event management process with little feedback to the business
- Reporting and Metrics: Zero customized reports. Very little business analysis provided
- Status: Charged with implementing DLP to protect Critical Assets, specifically product IP
13 APPLICATION SUPPORT & INTEGRATION
- Primary System DLP Management = Human Resource / Expertise Requirements
- Integrated System Management = Cross Department Collaboration Processes
- Health Check & System Validation Management = System Resource Requirements
- Vendor Management = Primary and Integrated Technology Vendor Relationships
14 POLICY & RULE GOVERNANCE
- Who requests rules & policy requirements? Are business owners engaged?
- Who reviews rule requests? Criteria for approved rule?
- What's the process for converting a rule request into a policy?
- Who's responsible for converting a rule into technical policy? Do they have technical policy authoring expertise?
- What is the formal policy development process? First drafts rarely work as expected!
- Is there a process to relay production policy metrics to stakeholders?
15 WORKFLOW DEVELOPMENT & MANAGEMENT
- Who develops & manages policy buckets? False positive, inbound partner, outbound employee
- Who defines thresholds that determine response rules for each bucket? Are 10 SSNs a high, medium or low severity incident?
- Who designs & sets the policy response triggers? Malicious, Inadvertent, Suspicious, above threshold.
- Triage response options: Human notification, System notification (auto), Hybrid?
- Who's responsible for building alerts, alarms & notifications? Has business been engaged on event management?
- Who manages the DLP policy & rules repository? Why recreate the wheel?
16 INCIDENT TRIAGE & EVENT MANAGEMENT
- Who reviews volume & yield of incidents & events? What's the review frequency?
- How are events/incidents routed? Who owns the incident/event?
- How does DLP fit in overall incident/event management process? Can this be mapped to DLP system?
- What metrics are developed to measure success of rules & related policy? Who's responsible for developing metrics?
- Revision of rules based on quality of policy results. Who manages policy optimization process?
- How will integrated systems be tied together to yield valued info? Secure mail, web gateway, GRC, SIEM
17 BUSINESS ANALYTICS
- Who drives report requirements? Requestors, Reviewers, others?
- Who develops reports? Do they have the expertise with 3rd party reporting tools?
- Are DLP system generated reports adequate?
- Are the metrics valuable & driving meaningful change?
- Report accuracy tied into QA process?
18 USE CASE: POST-PROJECT STATE
- Organization Overview: Defined specific business units to initiate program
- DLP Scope: Focused on 3 specific product lines linked to highest revenue & earnings
- DLP Primary Goal: Identification of unauthorized movement of specific elements of IP
- Application Management: Operated by a combination of IT, messaging & desktop management teams
- Policy Governance: 100% customized policies based on data collected from business unit
- Incident Triage: Daily review of incidents by BEW Global Intelisecure Managed Services team
- Event Management: Incidents meeting severity criteria routed to business unit for investigation
- Reporting and Metrics: Behavioral pattern analysis leading to preventive actions
- Status: R&D teams have high level of confidence in ability to identify leakage of IP
19 QMS SAMPLE QUARTERLY REPORT
[Chart: Intelisecure DLP QMS: Six Month Trend. Y axis: Number of Hours; X axis: Time. Series: Application Management, Policy Governance, Incident Triage, Event Management, Reporting & Analytics]
20 PITFALL 1: NO PLAN OF ATTACK
21 PITFALL 2: FAILURE TO ENGAGE THE BUSINESS
5 Pieces of DLP Advice You Can't Afford to Ignore
22 PITFALL 3: INADEQUATELY TRAINED RESOURCES
23 DATA LOSS PROTECTION PITFALLS: Missing the Target / False Sense of Security

Mis-configured Tap or Port Span
- Problem: Missing segments of network traffic or protocols.
- Solution: Comprehensive test plan that maps to in-scope business processes and related data types transmitted from various network locations, to ensure all relevant data streams are being captured.

Encryption: The Masked Data
- Problem: Analysis of data DID NOT take place prior to encryption.
- Solution: Comprehensive test plan that proves ALL DLP data assessment takes place prior to the gateway encryption; implement managed test DLP policies that identify encrypted transmissions as part of the test plan.

Misfire of Network Discovery Scans
- Problem: Locations of sensitive data never targeted by the organization for scanning due to lack of an effective policy governance process.
- Solution: Identify potential data stores by discussing the DLP program with staff to understand process.

Network versus Endpoint Discovery
- Problem: Running DAR scans using a combo of network & endpoint without thinking about which policy types & detection methods are not the same.
- Solution: Prior to acquiring a DLP solution, understand the data types that make up your target environment, then decide on the scanning method.
24 DATA LOSS PROTECTION PITFALLS: The Pandora's Box of DLP

Environment Assessment
- Problem: No rigorous endpoint environment assessment prior to the selection of the application & enablement.
- Solution: Address age of environment, performance capabilities, technical & human issues, & load of applications, in conjunction with education on the DLP endpoints.

Staying in Contact
- Problem: Failure to monitor endpoint population & their frequency of checking in to the management server with validated results.
- Solution: Phased deployment of endpoint with validation via test plan on initial success of ALL agents & ongoing endpoint agent health reports.

User Performance Impacts
- Problem: Implementing same policies for network based & endpoint assessments without testing or modification.
- Solution: Utilize a comprehensive test plan outlining specific metrics (time to open files, open/send emails, open applications) prior to deployment.

Network/System Performance Impacts
- Problem: Failure to calculate & measure the impact of endpoint policy traffic across wide & local area network connections.
- Solution: Thorough assessment of endpoint policies that addresses all of the concerns including policy design requirements, timing, frequency & delivery methods.
25 CONTACT
- BEW GLOBAL HQ: 5613 DTC Parkway Suite 1250 Greenwood Village, CO USA (ph) (fax)
- BEW GLOBAL EMEA: Albany Court Albany Park Camberley GU16 7QR England (ph) +44 (0) (fax) +44 (0)
- BEW GLOBAL APAC: Oxford Street Level 23, Tower 1 Bondi Junction Sydney 2022 (ph) +61 (2) (fax) +61 (2)
More informationMcAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software
McAfee Global Threat Intelligence File Reputation Service Best Practices Guide for McAfee VirusScan Enterprise Software Table of Contents McAfee Global Threat Intelligence File Reputation Service McAfee
More informationConfiguration Information
This chapter describes some basic Email Security Gateway configuration settings, some of which can be set in the first-time Configuration Wizard. Other topics covered include Email Security interface navigation,
More informationA Practical Guide to Improving PCI Compliance Posture
A Practical Guide to Improving PCI Compliance Posture To improve PCI compliance, determine where your cardholder data is and monitor where it s going. On October 28, 2010, the PCI Security Standards Council
More informationThe Value of Email DLP
The Value of Email DLP Identifying and Minimizing Your Organization s Greatest Risk By ZixCorp www.zixcorp.com Zix Email Data Loss Prevention Page 1 CLICKING SEND IS ALMOST TOO EASY. We ve all had those
More informationTNC is an open architecture for network access control. If you re not sure what NAC is, we ll cover that in a second. For now, the main point here is
1 2 This slide shows the areas where TCG is developing standards. Each image corresponds to a TCG work group. In order to understand Trusted Network Connect, it s best to look at it in context with the
More informationD. Grzetich 6/26/2013. The Problem We Face Today
Ideas on Using Asset Criticality Inference (ACI) Through Gathering and Processing of Asset Contextual Utilizing Analytical Models and Processing Rules D. Grzetich 6/26/2013 The Problem We Face Today Security
More informationRSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief
RSA Solution Brief RSA envision Platform Real-time Actionable Information, Streamlined Incident Handling, Effective Measures RSA Solution Brief The job of Operations, whether a large organization with
More informationSecurity Services. 30 years of experience in IT business
Security Services 30 years of experience in IT business Table of Contents 1 Security Audit services!...!3 1.1 Audit of processes!...!3 1.1.1 Information security audit...3 1.1.2 Internal audit support...3
More informationINFORMATION PROTECTED
INFORMATION PROTECTED Symantec Protection Suite Effective, comprehensive threat protection Safeguarding your organization s business-critical assets in today s ever-changing threat landscape has never
More informationIntrusion Detection in AlienVault
Complete. Simple. Affordable Copyright 2014 AlienVault. All rights reserved. AlienVault, AlienVault Unified Security Management, AlienVault USM, AlienVault Open Threat Exchange, AlienVault OTX, Open Threat
More informationINFORMATION PROTECTION
INFORMATION PROTECTION Johan Celis Principal Security Consultant Symantec Benelux SYMANTEC ENTERPRISE SECURITY STRATEGY Users Data Cyber Security Services Monitoring, Incident Response, Simulation, Adversary
More informationInformation Security Risk Assessment Checklist. A High-Level Tool to Assist USG Institutions with Risk Analysis
Information Security Risk Assessment Checklist A High-Level Tool to Assist USG Institutions with Risk Analysis Updated Oct 2008 Introduction Information security is an important issue for the University
More informationAnalyzing HTTP/HTTPS Traffic Logs
Advanced Threat Protection Automatic Traffic Log Analysis APTs, advanced malware and zero-day attacks are designed to evade conventional perimeter security defenses. Today, there is wide agreement that
More informationWebsense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications
Websense Web Security Gateway: Integrating the Content Gateway component with Third Party Data Loss Prevention Applications November, 2010 2010 Websense, Inc. All rights reserved. Websense is a registered
More informationData Protection McAfee s Endpoint and Network Data Loss Prevention
Data Protection McAfee s Endpoint and Network Data Loss Prevention Dipl.-Inform. Rolf Haas Principal Security Engineer, S+, CISSP rolf@mcafee.com January 22, 2013 for ANSWER SA Event, Geneva Position Features
More informationInformation & Asset Protection with SIEM and DLP
Information & Asset Protection with SIEM and DLP Keeping the Good Stuff in and the Bad Stuff Out Professional Services: Doug Crich Practice Leader Infrastructure Protection Solutions What s driving the
More informationUnified Security, ATP and more
SYMANTEC Unified Security, ATP and more TAKE THE NEXT STEP Martin Werner PreSales Consultant, Symantec Switzerland AG MEET SWISS INFOSEC! 27.01.2016 Unified Security 2 Symantec Enterprise Security Users
More informationMore Expenses. Only this time the Telegraph will have to pay them after their recent data breech
More Expenses Only this time the Telegraph will have to pay them after their recent data breech What is an Identity? Wiki Definition Digital identity refers to the aspect of digital technology that is
More informationIT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:
IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including: 1. IT Cost Containment 84 topics 2. Cloud Computing Readiness 225
More informationSecurity Overview Enterprise-Class Secure Mobile File Sharing
Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud
More informationThe Impact of HIPAA and HITECH
The Health Insurance Portability & Accountability Act (HIPAA), enacted 8/21/96, was created to protect the use, storage and transmission of patients healthcare information. This protects all forms of patients
More informationUnified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice
Unified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice Introduction There are numerous statistics published by security vendors, Government
More informationOutbound Email Security and Content Compliance in Today s Enterprise, 2005
Outbound Email Security and Content Compliance in Today s Enterprise, 2005 Results from a survey by Proofpoint, Inc. fielded by Forrester Consulting on outbound email content issues, May 2005 Proofpoint,
More informationO N L I N E I N C I D E N T R E S P O N S E C O M M U N I T Y
Automate Response Congratulations on selecting IncidentResponse.com to retrieve your custom incident response workflow guide. This guide has been created especially for you for use in within your security
More informationUnified Security Anywhere HIPAA COMPLIANCE ACHIEVING HIPAA COMPLIANCE WITH MASERGY PROFESSIONAL SERVICES
Unified Security Anywhere HIPAA COMPLIANCE ACHIEVING HIPAA COMPLIANCE WITH MASERGY PROFESSIONAL SERVICES HIPAA COMPLIANCE Achieving HIPAA Compliance with Security Professional Services The Health Insurance
More informationBest Practices for PCI DSS V3.0 Network Security Compliance
Best Practices for PCI DSS V3.0 Network Security Compliance January 2015 www.tufin.com Table of Contents Preparing for PCI DSS V3.0 Audit... 3 Protecting Cardholder Data with PCI DSS... 3 Complying with
More informationCompliance Guide ISO 27002. Compliance Guide. September 2015. Contents. Introduction 1. Detailed Controls Mapping 2.
ISO 27002 Compliance Guide September 2015 Contents Compliance Guide 01 02 03 Introduction 1 Detailed Controls Mapping 2 About Rapid7 7 01 INTRODUCTION If you re looking for a comprehensive, global framework
More informationMcAfee Data Loss Prevention 9.3.0
Product Guide Revision E McAfee Data Loss Prevention 9.3.0 For use with epolicy Orchestrator 4.5, 4.6, 5.0 Software COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS
More informationManaging Open Source Code Best Practices
Managing Open Source Code Best Practices September 24, 2008 Agenda Welcome and Introduction Eran Strod Open Source Best Practices Hal Hearst Questions & Answers Next Steps About Black Duck Software Accelerate
More informationFull-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform
Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform Solution Brief Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform Finding
More informationOffice 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD.
Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD. Your Valuable Data In The Cloud? How To Get The Best Protection! A world safe for exchanging digital information
More informationApplication Visibility and Monitoring >
White Paper Application Visibility and Monitoring > An integrated approach to application delivery Application performance drives business performance Every business today depends on secure, reliable information
More informationCORE Security and the Payment Card Industry Data Security Standard (PCI DSS)
CORE Security and the Payment Card Industry Data Security Standard (PCI DSS) Addressing the PCI DSS with Predictive Security Intelligence Solutions from CORE Security CORE Security +1 617.399-6980 info@coresecurity.com
More informationSample Data Security Policies
This document provides three example data security policies that cover key areas of concern. They should not be considered an exhaustive list but rather each organization should identify any additional
More informationPersonal Information Threats & Risks: Responding to an Evolving Landscape with an Integrated Data Protection Approach
Personal Information Threats & Risks: Responding to an Evolving Landscape with an Integrated Data Protection Approach Don MacPherson January 2012 Discussion Items 1. Threats and risks to personal information
More informationProven LANDesk Solutions
LANDesk Solutions Descriptions Proven LANDesk Solutions IT departments face pressure to reduce costs, reduce risk, and increase productivity in the midst of growing IT complexity. More than 4,300 organizations
More informationDetect, Prevent, and Deter Fraud in Big Data Environments
SAP Brief SAP s for Governance, Risk, and Compliance SAP Fraud Management Objectives Detect, Prevent, and Deter Fraud in Big Data Environments Detect and prevent fraud to reduce financial loss Detect and
More informationWeb Protection for Your Business, Customers and Data
WHITE PAPER: WEB PROTECTION FOR YOUR BUSINESS, CUSTOMERS............ AND.... DATA........................ Web Protection for Your Business, Customers and Data Who should read this paper For security decision
More information