Sourcefire Customer Case Study Nokia Siemens Networks: Creating Actionable Security Intelligence for Global IT Infrastructures
|
|
- Duane Richards
- 8 years ago
- Views:
Transcription
1 Sourcefire Customer Case Study Nokia Siemens Networks: Creating Actionable Security Intelligence for Global IT Infrastructures Tim Larson Host Integrity Systems Inc. 1
2 Agenda Introduction of Case Study Business Problem Formula for Success Integration of Global Processes, Virtual Organizations, & Technology Benefits of Sourcefire Deployment Summary of Results Risk Management for IT Security 2
3 Introduction to Case Study Nokia Siemens Network s environment Company: Leading provider of mobile phone network gear, employing 65,000 people in over 120 countries. Network: Large-scale manufacturing systems with vendor and customer access and supported by numerous service provider organizations. Key Point: - This case study addresses the fact that in today s world, it s no longer only about what resources (people, process, products, partners) you possess - it s about Knowing How to make the best use of them. Creating Actionable Security Intelligence for Global IT Infrastructures 3
4 4 Three approaches to managing risk.
5 Analyst comments: The point is well-taken, according to Craig Roth, an analyst with Gartner Inc.'s Burton Group division and author of the recent report, "Building a Business Case for Collaboration Initiatives." As the business environment becomes more competitive, more global, and more cost-sensitive and responsive, the need for technologies that support collaboration is increasing. For many CIOs, breaking down information silos and forcing cooperation is the innovation that will lead to more innovation. The Vanguard Group is convinced that the social collaboration and communication tools her IT team is implementing and supporting will dramatically change corporate culture in concrete ways, such as compensation, as well as in ways we cannot even imagine. Implementation of Virtualized Enabled Collaboration 5
6 Business Problem/Regulatory Concerns What is the change in the world that has brought this issue to the forefront? Virtualization within the global enterprise. Utilizing multiple vendors and technologies internal and external. What are the regulatory concerns? International Data Privacy laws relevant to local jurisdictions Involvement of Corp Sec., HR, Legal Communication with Worker s Council members Handling of sensitive information transferring data to SOC located outside the EU What is the scope of the problem (The NEED)? No commercial tools for leveraging investment in security products like log management, vulnerability management, and intrusion management with upstream and downstream internal asset information systems. Creating Actionable Security Intelligence in a virtual global IT environment. 6
7 Formula for Success: What exactly were you trying to resolve (The NEED)? Optimizing business processes around the consolidation of information from multiple systems while ensuring that high priority incidents are worked based on risk factor (security severity and asset classification). How did you approach problem? Discovering and changing processes, assessing and implementing technologies, convince management to address the problem in parallel with the technology deployment plan. TIG and SIG teams. Formula for Success = 25% technology deployment + 50% process integration + 25% over come internal resistance to collaboration. 7
8 Creating Actionable Security Intelligence Data Center 1 SMC Data Center 3 SMC Data Center 2 SMC Data Center 4 SMC Data Center 6 SMC Data Center 5 SMC 8
9 Discover, Build, Promote Collaboration. Integration of Log Mgmt into the Incident Handling Process Version updated August 5,2008 Inform NSN CERT MSSP SOC/CERT Service Provides Other source of Incident information Incident handling Verification & Analysis Create OTRS Ticket Update SP ticket SP1, SP2,SP3,SP4 Inform NSN CERT SOC/CERT duty-officer MSSP / SOC Monitoring & Alerting Incident Handling Remediation Valid NSN incident No Yes Yes Update OTRS ticket MSSP Portal Create a SP ticket Vuln is in MP/ SC Inform NSN CERT Possible Incident Detected No Incident handling Counter measure Case assigned to CERT & MSSP Update OTRS ticket Yes Yes Update MSSP Ticket Yes Create MSSP Ticket Yes Approve to close SP ticket Level 4-5 Event More SP remediation needed? No Std Conf mismatch, Update OTRS ticket Incident handling Remediation verification Level 1-3 Event No Define new controls in MP / Std Config Implementation Review/update MP/Std Conf System Designer MSSP Portal Report Yes 9
10 Benefits of Solution Leveraged prior investments in technology Provide Actionable Intelligence into the organization by de-stove-piping data feeds NOC-SOC-Stakeholder collaboration Developed a common understanding with SP ers SOC visibility into Integrity of Service Providers Increased Productivity of Stakeholders Decreased MTTR to Risks Gave Security a clean-slate 10
11 Technology Deployment that drives Risk Mgmt Vulnerability Management Intrusion Management Vulnerability Information Service Log Management 11
12
13 Collection of Security Data
14 Processing Asset & Security Data
15 Risk Management Process
16 16 REMS logon page
17 Workbench (ipad) 4 Risk Management
18 What was the final result? Utilized commercial security technology solutions and developed a flexible modular solution for automating Risk Management. How did it work out? An automated, integrated approach to IT Security which benefits the client by: Integrated solution: People, Processes and Technologies Enabled organization to reduce IT Operational costs Reduced risks to Business Critical Assets Increased CERT and Service Provider effectiveness and efficiency Facilitated a risk-based plan for remediation and escalation management Provided a more cost-effective and timely solution How much time did it take? Six months (POC > Pilot > Production) Stakeholder feedback? Summary of Results All is better as the approach is a really good solution 18
19 Business Drivers and Challenges for IT Security Risk Management Allow more partners/collaborators into the network Move security closer to the Business Applications Can I identify abnormal access to applications? What are relevant security events? Who or what is really accessing the information? How do Application events impact the Service? Can we monitor inter-active legacy data flows? Correlate Sourcefire events with Application events. 19
20 20 Content is subject to NDA
Solution Briefing. Integrating the LogLogic API with NSN s Remediation & Escalation Mgmt. System
Solution Briefing Integrating the LogLogic API with NSN s Remediation & Escalation Mgmt. System Tim Larson August 2009 Introduction Nokia Siemens Network s environment Company: Leading provider of mobile
More informationSecurity Services. A Solution for Providing BPM of Security Services within the Enterprise Environment.
Security Services A Solution for Providing BPM of Security Services within the Enterprise Environment. First steps towards Next Generations Operations (OPS) to drive Gross Margin Dear security colleagues,
More informationBusiness Case Outsourcing Information Security: The Benefits of a Managed Security Service
Business Case Outsourcing Information Security: The Benefits of a Managed Security Service seccuris.com (866) 644-8442 Contents Introduction... 3 Full- Time Experts vs. a Part- Time In- House Staff...
More informationBest Practices in File Integrity Monitoring. Ed Jowett, CISSP ITIL Practitioner Sr. Systems Engineer, Tripwire Inc.
Best Practices in File Integrity Monitoring Ed Jowett, CISSP ITIL Practitioner Sr. Systems Engineer, Tripwire Inc. Who is Ed Jowett 2 Agenda Best Practices in FIM The 3 Main Drivers of FIM Lessons Learned
More informationAchieving Control: The Four Critical Success Factors of Change Management. Technology Concepts & Business Considerations
Achieving Control: The Four Critical Success Factors of Change Management Technology Concepts & Business Considerations T e c h n i c a l W H I T E P A P E R Table of Contents Executive Summary...........................................................
More informationObtaining Enterprise Cybersituational
SESSION ID: SPO-R06A Obtaining Enterprise Cybersituational Awareness Eric J. Eifert Sr. Vice President Managed Security Services DarkMatter Agenda My Background Key components of the Cyber Situational
More informationOpen Source Incident Management Tool for CSIRTs
An Agency Under MOSTI Open Source Incident Management Tool for CSIRTs Adli Wahid Head, Malaysia CERT (MyCERT) CyberSecurity Malaysia Copyright 2008 CyberSecurity Malaysia Agenda About MyCERT Where do incidents
More informationSIEM Implementation Approach Discussion. April 2012
SIEM Implementation Approach Discussion April 2012 Agenda What are we trying to solve? Summary Observations from the Security Assessments related to Logging & Monitoring Problem Statement Solution Conceptual
More informationThe Importance of Information Delivery in IT Operations
The Importance of Information Delivery in IT Operations David Williams Notes accompany this presentation. Please select Notes Page view. These materials can be reproduced only with written approval from
More informationBest Practices for Building a Security Operations Center
OPERATIONS SECURITY Best Practices for Building a Security Operations Center Diana Kelley and Ron Moritz If one cannot effectively manage the growing volume of security events flooding the enterprise,
More informationPublished April 2010. Executive Summary
Effective Incident, Problem, and Change Management Integrating People, Process, and Technology in the Datacenter Published April 2010 Executive Summary Information technology (IT) organizations today must
More informationOrganizational Issues of Implementing Intrusion Detection Systems (IDS) Shayne Pitcock, CISSP First Data Corporation
Organizational Issues of Implementing Intrusion Detection Systems (IDS) Shayne Pitcock, CISSP First Data Corporation Agenda Problem Description Issues for Consideration Mitigation of the Issues Options
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More informationTying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation
Tying It All Together: Practical ERM Integration Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation November 16, 2007 1 Agenda Basis for ERM Integration ERM Objectives ERM Focus
More informationContinuous Monitoring in a Risk Management Framework. US Census Bureau Oct 2012
Monitoring in a Risk Management Framework US Census Bureau Oct 2012 Agenda Drivers for Monitoring What is Monitoring Monitoring in a Risk Management Framework (RMF) RMF Cost Efficiencies RMF Lessons Learned
More informationDrive Down IT Operations Cost with Multi-Level Automation
White White Paper Paper Drive Down IT Operations Cost with Multi-Level Automation Overview Reducing IT infrastructure and operations (I+O) budgets is as much on the mind of CIOs today as it s ever been.
More informationInnovation Meets Service Management:
Computer Network Solutions Innovation Meets Service Management: How ITinvolve blows away the service desk status quo A Thought Leadership Whitepaper INTRODUCTION: ITSM Ripe for Change and Innovation In
More informationAnalyzing Security for Retailers An analysis of what retailers can do to improve their network security
Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network Executive Summary
More informationQ1 Labs Corporate Overview
Q1 Labs Corporate Overview The Security Intelligence Leader Who we are: Innovative Security Intelligence software company One of the largest and most successful SIEM vendors Leader in Gartner 2011, 2010,
More informationOvercoming Five Critical Cybersecurity Gaps
Overcoming Five Critical Cybersecurity Gaps How Active Threat Protection Addresses the Problems that Security Technology Doesn t Solve An esentire White Paper Copyright 2015 esentire, Inc. All rights reserved.
More informationFind the intruders using correlation and context Ofer Shezaf
Find the intruders using correlation and context Ofer Shezaf Agenda The changing threat landscape What can you do to find intruders? Best practices for timely detection and mitigation HP ArcSight 2 Find
More informationWAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales
WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion
More informationLeveraging Your Tools for Better Compliance
Leveraging Your Tools for Better Compliance Using People, Process, and Technology to Measure Compliance Agenda Why are we doing it? Current Sources of Information (People, Process, Technology) Limitation
More informationWhite Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA
White Paper Achieving GLBA Compliance through Security Information Management White Paper / GLBA Contents Executive Summary... 1 Introduction: Brief Overview of GLBA... 1 The GLBA Challenge: Securing Financial
More informationWhat is Security Intelligence?
2 What is Security Intelligence? Security Intelligence --noun 1. the real-time collection, normalization, and analytics of the data generated by users, applications and infrastructure that impacts the
More informationMAINTAINING COMPLIANCE AND MANAGING RISK IN OUTSOURCED ENGAGEMENTS. Nick Harrahill PayPal Global Security Operations
MAINTAINING COMPLIANCE AND MANAGING RISK IN OUTSOURCED ENGAGEMENTS Nick Harrahill PayPal Global Security Operations AGENDA Inception of an engagement The legal agreement Assessing the risk Customer call
More informationOperational Lessons from the RSA/EMC CIRC: People, Process, & Threat Intel
Operational Lessons from the RSA/EMC CIRC: People, Process, & Threat Intel @Ben_Smith Ben Smith, CISSP Field CTO (US East), Security Portfolio A Security Maturity Path CONTROLS COMPLIANCE IT RISK BUSINESS
More informationIBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer
IBM Security QRadar SIEM & Fortinet / FortiAnalyzer Introducing new functionality for IBM QRadar Security Intelligence Platform: integration with Fortinet s firewalls and logs forwarded by FortiAnalyzer.
More informationwith Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief
RSA Solution Brief Streamlining Security Operations with Managing RSA the Lifecycle of Data Loss Prevention and Encryption RSA envision Keys with Solutions RSA Key Manager RSA Solution Brief 1 Who is asking
More information2012 North American Managed Security Service Providers Growth Leadership Award
2011 South African Data Centre Green Excellence Award in Technology Innovation Cybernest 2012 2012 North American Managed Security Service Providers Growth Leadership Award 2011 Frost & Sullivan 1 We Accelerate
More informationCaaS Think as a bad guy Petr Hněvkovský, CISA, CISSP HP Enterprise Security
CaaS Think as a bad guy Petr Hněvkovský, CISA, CISSP HP Enterprise Security 1 Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
More informationTowards Threat Wisdom
Towards Threat Wisdom Duncan Brown dbrown@idc.com @duncanwbrown What our world looks like Incidents Threats 48% 1 1mpd 2 Infections x14 3 Sources: 1. PwC, The Global State of Information Security Survey
More informationAchieving HR Transformation 2.0 the Role of Workforce Communications Technologies
Session Number # 148 Achieving HR Transformation 2.0 the Role of Workforce Communications Technologies DJ Chhabra, Enwisen Mike Lapetina, Unisys DJ Chhabra President, Enwisen 20+ years technology strategy
More informationEnabling Security Operations with RSA envision. August, 2009
Enabling Security Operations with RSA envision August, 2009 Agenda What is security operations? How does RSA envision help with security operations? How does RSA envision fit with other EMC products? If
More informationIBM Security QRadar Vulnerability Manager
IBM Security QRadar Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution Highlights Help prevent security breaches by discovering and highlighting high-risk
More informationApplication Security Center overview
Application Security overview Magnus Hillgren Presales HP Software Sweden Fredrik Möller Nordic Manager - Fortify Software HP BTO (Business Technology Optimization) Business outcomes STRATEGY Project &
More informationIntelligence Driven Security
Intelligence Driven Security RSA Advanced Cyber Defense Workshop Shane Harsch Senior Solutions Principal, RSA 1 Agenda Approach & Activities Operations Intelligence Infrastructure Reporting & Top Findings
More informationThe Value of Vulnerability Management*
The Value of Vulnerability Management* *ISACA/IIA Dallas Presented by: Robert Buchheit, Director Advisory Practice, Dallas Ricky Allen, Manager Advisory Practice, Houston *connectedthinking PwC Agenda
More informationDer Weg, wie die Verantwortung getragen werden kann!
Managed Security Services Der Weg, wie die Verantwortung getragen werden kann! Christoph Altherr System Engineer Security 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 1 Agenda Enterprise
More informationU.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems
U.S. Office of Personnel Management Actions to Strengthen Cybersecurity and Protect Critical IT Systems June 2015 1 I. Introduction The recent intrusions into U.S. Office of Personnel Management (OPM)
More informationBe Fast, but be Secure a New Approach to Application Security July 23, 2015
Be Fast, but be Secure a New Approach to Application Security July 23, 2015 Copyright 2015 Vivit Worldwide Copyright 2015 Vivit Worldwide Brought to you by Copyright 2015 Vivit Worldwide Hosted by Paul
More informationCaretower s SIEM Managed Security Services
Caretower s SIEM Managed Security Services Enterprise Security Manager MSS -TRUE 24/7 Service I.T. Security Specialists Caretower s SIEM Managed Security Services 1 Challenges & Solution Challenges During
More informationWilhelmenia Ravenell IT Manager Eli Lilly and Company
Wilhelmenia Ravenell IT Manager Eli Lilly and Company Agenda Introductions The Service Management Framework Keys of a successful Service management transformation Why transform? ROI and the customer experience
More informationIPcenter v3 ITIL v3 Alignment
Alignment IPcenter v3 is based on ITIL v3 conceptual alignment of IT service functions with business goals. The IPcenter interface features configurable portals for service design, service transition,
More informationSpyders Managed Security Services
Spyders Managed Security Services To deliver world-class Managed Security Services, Spyders must maintain and invest in a strong Security Operations Centre (SOC) capability. Spyders SOC capability is built
More informationState of SIEM Challenges, Myths & technology Landscape 4/21/2013 1
State of SIEM Challenges, Myths & technology Landscape 4/21/2013 1 Introduction What s in a name? SIEM? SEM? SIM? Technology Drivers Challenges & Technology Overview Deciding what s right for you Worst
More informationEffective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention
Effective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention Your Security Challenges Defending the Dynamic Network! Dynamic threats 䕬 䕬 䕬 䕬 Many threats
More informationNetIQ FISMA Compliance & Risk Management Solutions
N E T I Q C O M P L I A N C E S E R I E S NetIQ FISMA Compliance & Risk Management Solutions The Federal Information Security Management Act (FISMA) requires federal agencies to create and implement a
More informationManaged Security Service Providers vs. SIEM Product Solutions
White Paper The Business Case for Managed Security Services Managed Security Service Providers vs. SIEM Product Solutions www.solutionary.com (866) 333-2133 The Business Case for Managed Security Services
More informationCautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work
Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture
More informationStepping Through the Info Security Program. Jennifer Bayuk, CISA, CISM
Stepping Through the Info Security Program Jennifer Bayuk, CISA, CISM Infosec Program How to: compose an InfoSec Program cement a relationship between InfoSec program and IT Governance design roles and
More informationHow To Manage Security On A Networked Computer System
Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy
More information10 Tips to Better Manage Your Service Team
10 Tips to Better Manage Your Service Team Service Management Recurring Services Solution Development & Mgmt Marketing & Sales Project Services Service Desk Field Services Managed Services Service Desk
More informationIncident Management. Verdis Spearman verdis.spearman@hq.dhs.gov 703.235.5443
Incident Management Verdis Spearman verdis.spearman@hq.dhs.gov 703.235.5443 Agenda Overview Governance Stakeholders Responsibilities Trusted Internet Connection Initiative Incident Response Requirements
More informationECM: Key Market Trends and the Impact of Business Intelligence
ECM: Key Market Trends and the Impact of Business Intelligence Cheryl McKinnon, Principal Analyst February 2014 Agenda ECM current state and market trends Achieve ECM success by using business intelligence
More informationAbout Us. 2 Managed Services E: sales@ironcovesolutions.com T: +310.823.2047 W: www.ironcovesolutions.com. Our Mission. What We Do
MANAGED SERVICES About Us Iron Cove Solutions is a cloud-computing deployment provider offering industry-leading cloud services to SMB sized businesses. We are cloud consultants assisting in the assessment,
More informationQRadar SIEM and Zscaler Nanolog Streaming Service
QRadar SIEM and Zscaler Nanolog Streaming Service February 2014 1 QRadar SIEM: Security Intelligence Platform QRadar SIEM provides full visibility and actionable insight to protect networks and IT assets
More informationUnderstanding the Performance Management Process
Understanding the Performance Management Process Monitoring Market Monitoring tools account for more then 50% of market Most organizations have not matured their monitoring environment Missing Process
More informationBRIDGE. the gaps between IT, cloud service providers, and the business. IT service management for the cloud. Business white paper
BRIDGE the gaps between IT, cloud service providers, and the business. IT service management for the cloud Business white paper Executive summary Today, with more and more cloud services materializing,
More informationRisk Analytics for Cyber Security
Risk Analytics for Cyber Security Justin Coker, VP EMEA, Skybox Security IT Challenges 2015, Belgium 2nd October 2014 www.skyboxsecurity.com justin.coker@skyboxsecurity.com +44 (0) 7831 691498 Risk Analytics
More informationWHITE PAPER. Unified Monitoring Drives High- Performance Business Results
WHITE PAPER Unified Monitoring Drives High- Performance Business Results Table of Contents EXEC SUMMARY... 1 INTRODUCTION... 1 THINK BEFORE YOU BUY... 2 The Pitfalls of Silos...2 Monitoring Tools: Less
More informationSecuring and protecting the organization s most sensitive data
Securing and protecting the organization s most sensitive data A comprehensive solution using IBM InfoSphere Guardium Data Activity Monitoring and InfoSphere Guardium Data Encryption to provide layered
More informationIBM Security QRadar Risk Manager
IBM Security QRadar Risk Manager Proactively manage vulnerabilities and network device configuration to reduce risk, improve compliance Highlights Collect network security device configuration data to
More informationEmerging Technologies & the State of the SOC. John Kindervag, Vice President and Principal Analyst
Emerging Technologies & the State of the SOC John Kindervag, Vice President and Principal Analyst 2014 In Review 2015 Forrester Research, Inc. Reproduction Prohibited 3 2015 is bad too! 2015 Forrester
More informationOIT User Conference Security Team November 2014
OIT User Conference Security Team November 2014 Welcome and Introductions What will we be covering today? Introductions Office of Information Security and Privacy (OISP) and the Transformation effort Staffing
More informationBREAKING THE KILL CHAIN AN EARLY WARNING SYSTEM FOR ADVANCED THREAT
BREAKING THE KILL CHAIN AN EARLY WARNING SYSTEM FOR ADVANCED THREAT Rashmi Knowles RSA, The Security Division of EMC Session ID: Session Classification: SPO-W07 Intermediate APT1 maintained access to
More informationVMware Virtualization and Cloud Management Overview. 2010 VMware Inc. All rights reserved
VMware Virtualization and Cloud Management Overview 2010 VMware Inc. All rights reserved Automating Operations Management Why? What? How? Why is Operations Management different in the virtual world? What
More informationActionable Security Intelligence: Preparing for the Next Threat with a Proactive Strategy
www.netforensics.com NETFORENSICS WHITE PAPER Actionable Security Intelligence: Preparing for the Next Threat with a Proactive Strategy Contents Executive Summary The Information Security Landscape Security
More informationHP ENTERPRISE SECURITY. Protecting the Instant-On Enterprise
HP ENTERPRISE SECURITY Protecting the Instant-On Enterprise HP SECURITY INTELLIGENCE AND RISK MANAGEMENT PLATFORM Advanced Protection Against Advanced Threats 360 Security Monitoring to Detect Incidents
More informationIncident Response and the Role of External Services
Incident Response and the Role of External Services Andrea Rigoni Business Development Manager - Government Sector Symantec Corp. Andrea_Rigoni@symantec.com Abstract: Managing security is a complex task
More informationEcom Infotech. Page 1 of 6
Ecom Infotech Page 1 of 6 Page 2 of 6 IBM Q Radar SIEM Intelligence 1. Security Intelligence and Compliance Analytics Organizations are exposed to a greater volume and variety of threats and compliance
More informationThe SIEM Evaluator s Guide
Using SIEM for Compliance, Threat Management, & Incident Response Security information and event management (SIEM) tools are designed to collect, store, analyze, and report on log data for threat detection,
More informationModular Network Security. Tyler Carter, McAfee Network Security
Modular Network Security Tyler Carter, McAfee Network Security Surviving Today s IT Challenges DDos BOTS PCI SOX / J-SOX Data Exfiltration Shady RAT Malware Microsoft Patches Web Attacks No Single Solution
More informationRSA Security Analytics
RSA Security Analytics This is what SIEM was Meant to Be 1 The Original Intent of SIEM Single compliance & security interface Compliance yes, but security? Analyze & prioritize alerts across various sources
More informationHow To Improve Data Quality
The Data Quality Challenge What about all the spreadsheets? Ralph Baxter, CEO, ClusterSeven Agenda Spreadsheets...and Business...and Regulators.and Cost...and Management...and Data Exploitation/Opportunity
More informationW H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s
W H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s IDC Middle East, Africa, and Turkey, Al Thuraya Tower 1, Level 15, Dubai
More informationState of Oregon. State of Oregon 1
State of Oregon State of Oregon 1 Table of Contents 1. Introduction...1 2. Information Asset Management...2 3. Communication Operations...7 3.3 Workstation Management... 7 3.9 Log management... 11 4. Information
More informationThe Total Economic Impact of Automating Systems Management
The Total Economic Impact of Automating Systems Management Travis Greene Chief Service Management Strategist Agenda The Challenges of Non-Automated Systems Management Steps to Apply Automation Effectively
More informationKeep Users Happy By Integrating I.T. Operations and I.T. Support
BMC INDUSTRY INSIGHTS Keep Users Happy By Integrating I.T. Operations and I.T. Support By Bruce Campbell, Principal Solutions Marketing Manager, BMC Software TABLE OF CONTENTS FROM HELP DESK TO ITS M AND
More informationIBM Security QRadar Risk Manager
IBM Security QRadar Risk Manager Proactively manage vulnerabilities and network device configuration to reduce risk, improve compliance Highlights Visualize current and potential network traffic patterns
More informationAdvanced SOC Design. Next Generation Security Operations. Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA
Advanced SOC Design Next Generation Security Operations Shane Harsch Senior Solutions Principal, MBA GCED CISSP RSA 1 ! Why/How security investments need to shift! Key functions of a Security Operations
More informationEffective Threat Management. Building a complete lifecycle to manage enterprise threats.
Effective Threat Management Building a complete lifecycle to manage enterprise threats. Threat Management Lifecycle Assimilation of Operational Security Disciplines into an Interdependent System of Proactive
More informationSecurity. Security consulting and Integration: Definition and Deliverables. Introduction
Security Security Introduction Businesses today need to defend themselves against an evolving set of threats, from malicious software to other vulnerabilities introduced by newly converged voice and data
More informationSarbanes-Oxley (SOX) The Migration from Project to Process. Practical Actions for Getting Started. Jim DeLoach, Managing Director.
Sarbanes-Oxley (SOX) The Migration from Project to Process Practical Actions for Getting Started Jim DeLoach, Managing Director November 7, 2006 The Results So Far? Source: AuditAnalytics.com May 2006
More informationBuilding a Security Operations Center (SOC)
Building a Security Operations Center (SOC) Ben Rothke, CISSP CISM Wyndham Worldwide Corp. Session ID: TECH-203 Session Classification: Advanced About me Ben Rothke, CISSP, CISM, CISA Manager - Information
More information"Service Lifecycle Management strategies for CIOs"
"Service Lifecycle strategies for CIOs" Ralf Hart, Sales Manager CEE Europe FrontRange Solutions 10th December 2008 Agenda FrontRange Solutions The challenges the IT community faces What is the solution?
More informationSecurity Event Monitoring (SEM) Working Group
Security Event Monitoring (SEM) Working Group Dale Peterson, SEM WG Chair Digital Bond, Inc. Collaborating to Advance Control System Security Control Systems Are Being Monitored Detecting Intrusions and
More informationThe Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era
The Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era Dave Plzak Security Evangelist Sentinel IPS davep@econet.com * Agenda Review of the current Network
More informationFIVE PRACTICAL STEPS
WHITEPAPER FIVE PRACTICAL STEPS To Protecting Your Organization Against Breach How Security Intelligence & Reducing Information Risk Play Strategic Roles in Driving Your Business CEOs, CIOs, CTOs, AND
More informationCAS8489 Delivering Security as a Service (SIEMaaS) November 2014
CAS8489 Delivering Security as a Service (SIEMaaS) November 2014 Usman Choudhary Senior Director usman@netiq.com Rajeev Khanolkar CEO SecurView Agenda What is Security Monitoring? Definition & concepts
More informationSUPPLIER SECURITY STANDARD
SUPPLIER SECURITY STANDARD OWNER: LEVEL 3 COMMUNICATIONS AUTHOR: LEVEL 3 GLOBAL SECURITY AUTHORIZER: DALE DREW, CSO CURRENT RELEASE: 12/09/2014 Purpose: The purpose of this Level 3 Supplier Security Standard
More informationThe Case for Cloud Computing - A strategic Perspective
Executive Summary The case for cloud computing is becoming more clear. Cloud computing has been a hot topic lately, and for good reason. With it, companies can gain potential competitive advantages that
More informationContinuous Network Monitoring
Continuous Network Monitoring Eliminate periodic assessment processes that expose security and compliance programs to failure Continuous Network Monitoring Continuous network monitoring and assessment
More informationTOP INNOVATIONS FOR CYBERSECURITY
1 TOP INNOVATIONS FOR CYBERSECURITY MATTHEW S TOP 10 SECURITY INNOVATIONS FOR THE PRESENT & NEAR FUTURE MATTHEW GARDINER, SR. MANAGER, RSA SECURITY 2 ROADMAP INFORMATION DISCLAIMER EMC makes no representation
More informationHow To Manage Risk
Oracle Applications Day Zürich, 1. Juli 2009 Risk und Performance Management in Stürmischen Zeiten mit Oracle GRC Steven Hagner EMEA GRC Sales Organization 1 Safe Harbor Statement The following is intended
More informationThe Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era
The Role of Threat Intelligence and Layered Security for Intrusion Prevention in the Post-Target Breach Era Ted Gruenloh Director of Operations Sentinel IPS * Agenda! Review of the current Network Security
More informationExtreme Networks Security Analytics G2 Vulnerability Manager
DATA SHEET Extreme Networks Security Analytics G2 Vulnerability Manager Improve security and compliance by prioritizing security gaps for resolution HIGHLIGHTS Help prevent security breaches by discovering
More information