Workforce Management: Introducing a Policy Rules Engine to Industrial Security Adrian Fielding, Honeywell Damian Vassallo, RightCrowd

Similar documents
Ellipse The Enterprise Asset Management (EAM) solution for asset intensive industries

"Service Lifecycle Management strategies for CIOs"

Italy. EY s Global Information Security Survey 2013

Data Center Solutions

The IBM Solution Architecture for Energy and Utilities Framework

Smart Data Center Solutions

Business Partner Program Guide

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales

Health Care Solutions

Recruitment Process: Why Outsource?

Intelligent Data Center Solutions

Enterprise Workforce Management Solutions

CyberArk Privileged Threat Analytics. Solution Brief

Process Automation Overview Process Automation Overview

Security as Architecture A fine grained multi-tiered containment strategy

Enterprise Data Management

Advanced Multichannel Order Management Solutions That Optimize Sales Performance

The Business Continuity Maturity Continuum

Leveraging Sarbanes-Oxley (SOX) to Build Better Practices

DYNAMIC INFRASTRUCTURE Helping build a smarter planet

Invensys Collaborative Plant Automation Maintenance. When it comes to operations performance... we make it happen.

W H I T E P A P E R I m p a c t o f C y b e r s e c u r i t y A t t a c k s a n d N e w - A g e S e c u r i t y S t r a t e g i e s

Mitra Innovation Leverages WSO2's Open Source Middleware to Build BIM Exchange Platform

How to Develop Successful Enterprise Risk and Vendor Management Programs

FREQUENTLY ASKED QUESTIONS

Panduit Unified Operations Center

BANKING AND FINANCE. Advanced technology solutions to maximize the security of financial institutions and branch banks.

Predictive Straight- Through Processing

Masterminding Data Governance

Ceridian International Payroll Services Our KnowHow, Your Success. Ceridian Corporation. All rights reserved.

Security management White paper. Develop effective user management to demonstrate compliance efforts and achieve business value.

BeyondInsight Version 5.6 New and Updated Features

CHOOSING A WIRELESS IMPLEMENTATION STRATEGY AND APPLICATIONS

Kyriacos Kokkinos IBM Executive Director Analytics Consulting

Supplier Relationship Management (SRM) Redefining the value of strategic supplier collaboration

Presentation Title: When Anti-virus Doesn t Cut it: Catching Malware with SIEM

THE NEXT GENERATION OF HR SHARED SERVICES SUBHEADLINE RUNS HERE AND HERE AND HERE AND HERE

The Comprehensive National Cybersecurity Initiative

ACCELERATING OPERATIONAL EXCELLENCE FOR GLOBAL AND REGIONAL MANUFACTURERS

ITSM in the Cloud? Sharon Taylor Aspect Group Inc

Meeting the challenge of software quality and maximizing return on investment Performance driven. Quality assured.

Powering Today and Tomorrow. Energy Solutions

DoD Software Assurance (SwA) Overview

Regulatory Compliance Management for Energy and Utilities

Towards a Blended Workforce - the Evolution of Recruitment Process Outsourcing (RPO) Models

Hospitality CIO Survey Results

Speakers: Barry Asin, President, Staffing Industry Analysts Ron Mester, President & CEO, ERE Media THURSDAY 11:45 AM PACIFICA 11, 12

Defending against modern cyber threats

Risk Calculation and Predictive Analytics: Optimizing Governance, Risk and Compliance.

COUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide

Solving the Security Puzzle

Addressing Cyber Risk Building robust cyber governance

Aligning Quality Management Processes to Compliance Goals

FEDERAL HOUSING FINANCE AGENCY ADVISORY BULLETIN AB Cyber Risk Management Guidance. Purpose

PALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management

Key New Capabilities Complete, Open, Integrated. Oracle Identity Analytics 11g: Identity Intelligence and Governance

Update On Smart Grid Cyber Security

2012 North American Content Security Product Differentiation Excellence Award

PERFORMANCE-BASED BUDGETING METHODOLOGY AND TOOLS

Session 9: Changing Paradigms and Challenges Tools for Space Systems Cyber Situational Awareness

Commodity Price Risk Management (CPRM) - Trends and Challenges for Corporates

Boost ROA with Proactive Asset Performance Maximization Strategy

RSA, The Security Division of EMC. Zamanta Anguiano Sales Manager RSA

Best Practice in Corporate Performance Management at DHL Express: Gain an INSIGHT into Yield and How It Drives Analytics

Information Governance Workshop. David Zanotta, Ph.D. Vice President, Global Data Management & Governance - PMO

CIO Financial Services Visualization Dashboards that Make Managing IT Easier

Accenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges

IBM Advanced Threat Protection Solution

Infrastructure Asset Management Report

Extraction of SAP Data for Audit & Compliance

Insight Report. Digital marketing governance From fragmentation to alignment to impact. In this report

Industrial Cyber Security Risk Manager. Proactively Monitor, Measure and Manage Cyber Security Risk

Leveraging Information For Smarter Business Outcomes With IBM Information Management Software

RedPrairie for Convenience Retail. Providing Consistency and Visibility at Least Cost

Discover Performance Through Digital Intelligence The Digital Suites for Oil and Gas

Real-Time Security Intelligence for Greater Visibility and Information-Asset Protection

Risk Considerations for Internal Audit

Reducing Cost and Risk Through Software Asset Management

TalentLink Disaster Recovery & Service Continuity

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

Driving Operations through Better, Faster Decision Making

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

Key Trends, Issues and Best Practices in Compliance 2014

Using SAP Master Data Technologies to Enable Key Business Capabilities in Johnson & Johnson Consumer

SRI LANKA AUDITING PRACTICE STATEMENT 1013 ELECTRONIC COMMERCE EFFECT ON THE AUDIT OF FINANCIAL STATEMENTS

Transcription:

2015 Honeywell Users Group Europe, Middle East and Africa Workforce Management: Introducing a Policy Rules Engine to Industrial Security Adrian Fielding, Honeywell Damian Vassallo, RightCrowd

Integrated Protective Solutions Honeywell s Integrated Protective Solutions deliver Safety Shutdown, Fire & Gas, Physical and Cyber Security holistically across process facilities. Together these solutions ensure that process, plant, people and environment are safer and more secure than ever before. They include independent yet interrelated layers of protection to prevent, detect and mitigate potential safety and security risks and threats. Ensuring Safety & Security of your Workforce 2 2015 Honeywell International All Rights Reserved

Abstract Workforce Management: Introducing a policy rules engine to Industrial Security, Damian Vassallo RightCrowd and Adrian Fielding Honeywell This presentation will explain the emerging workforce assurance space and the methodologies for implementing an attribute based access control system The conversation will focus on defining attributes and policies that a rules engine could enforce; i.e. near real time condition based access control When incorporated as part of an over-arching industrial security program, organizations can leverage powerful and robust business process that aids and improves business performance 3 2015 Honeywell International All Rights Reserved

Workforce Assurance Purpose Mental Model Link Org Management to Business Function Resource Management Improve throughput $ per hour / $ per person Process Structure Reaction 5 2015 Honeywell International All Rights Reserved Improve the visibility and productivity of the business by: Mitigating physical security, safety and compliance vulnerabilities. Automating and standardizing people processes to improve productivity. Enabling the better management of our people and their costs in realtime.

Link Org Management to Business Process Purpose Collaboration between different areas of the company HR, Finance, Operations, Compliance Assurance across the spectrum of Logical and Physical Logical HR, Payroll, Active Directory, Task Applications Physical - Networks and Facilities (Data Centres, Vaults, Industrial Sites) THIS IS CHANGE 6 2015 Honeywell International All Rights Reserved

Link Org Management to Business Process Purpose. Security events Location data, when "root" account is accessed (console of a server) Authorization to grant access Non-repudiation (Who is the Owner?) Multi-Level approval link to Org Chart and Area Owners Separation of duties Validation checks differ Internal v 3 rd Party contractors or visitors 7 2015 Honeywell International All Rights Reserved

Link Org Management to Business Process Outcome Risk Reduction - Certainty that a task has been carried out Process Automation Less manpower has achieved cost efficiency 8 2015 Honeywell International All Rights Reserved

Resource Management Throughput Limit access to those who are approved, authorized, accredited and accounted for Background checks EHS (Compliance/Certifications) Appropriate commercials Seamless Interdepartmental process Chain of Approval / Delegation Immediacy One touch Termination (Logical and Physical) Employee, Contractor or Visitor 9 2015 Honeywell International All Rights Reserved

Resource Management Outcome Compliance Full audit trail of data What was it changed from What was it changed to Reporting information packaged in real time map to specific requirements and for specific users 10 2015 Honeywell International All Rights Reserved

Business Improvement Mitigate Risks to Business Interruption Converge with DVM to increase / improve security performance Plan for peak periods and flow of workforce (Shutdowns) Correlate multiple data feeds Asset information to Personnel information Pre-emptive Business Continuity/Evacuation Plans Ensuring / Insuring Brand Reputation Timeliness responding to emerging / ongoing crises Sophistication to IT Security Advanced Persistent Threat / Insider Threat 11 2015 Honeywell International All Rights Reserved

Conclusion Workforce Assurance requires clear approaches to logical and PHYSICAL security Something you Own Something you Know Something you Are Prepare for aggression at a Cyber Level What are the sources and where can they be mitigated Situational Awareness of Assets and People Visibility and Value Trust NO SILVER BULLET 12 2015 Honeywell International All Rights Reserved

Level of Maturity Logical / Physical Maturity Curve Workforce Assurance Maturity Model 1. Unaware 2. Tactical 3. Focused 4. Strategic 5. Pervasive Total lack of awareness Spreadsheet Information One-off report requests No Business sponsor Security in charge Limited users Data inconsistency and ad hoc systems Specific focus on a business need (e.g. attribute based management or fatigue management or contractor mobilization) Funding from business units on a project by project basis Specific set of users are realising value Business Objectives drive Workforce Assurance with Performance Management Strategies Deploy an enterprise metrics framework Governance policies are defined and enforced Establish a balanced portfolio of standards Information is trusted across the company Workforce Assurance is extended to suppliers, customers and business partners Workforce Assurance analytics are inserted into and around the business processes Unsupported Structures Accessing Business Improvement TM aiding with Health, Safety and Security decisions to support workforce assurance compliance reporting 13 2015 Honeywell International All Rights Reserved

Experiences from CXO CEO COO CFO CIO CSO Zero Harm Licence to Operate Who is working for me today? Are they known, authorised, accredited and accounted for at all times? Contractor Reconciliation (Plan v Actual) hours ROI of Mobilization expenditure Logical and Physical Identity Management Interoperability between systems Corporate Security Reduce Risk / Establish Standards Automate Security Policy and Procedures 14 2015 Honeywell International All Rights Reserved

15 2015 Honeywell International All Rights Reserved

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information