Cybersecurity Strategic Consulting

Similar documents
Address C-level Cybersecurity issues to enable and secure Digital transformation

Services. Cybersecurity. Capgemini & Sogeti. Guiding enterprises and government through digital transformation while keeping them secure

Digital Transformation and the future of QA & Testing. March 3 rd, 2016 Jérôme Cadiou

Testing the Security of your Applications

Combating a new generation of cybercriminal with in-depth security monitoring. 1 st Advanced Data Analysis Security Operation Center

Testing the Security of your Applications

Meeting the challenge of software quality and maximizing return on investment Performance driven. Quality assured.

Test Automation. Full service delivery for faster testing at optimum cost

Combating a new generation of cybercriminal with in-depth security monitoring

Application Security Testing Powered by HPE Fortify on Demand. Managed application security testing available on demand

A collaborative and customized approach to sourcing testing and quality assurance services Performance driven. Quality assured.

A NEW APPROACH TO CYBER SECURITY

Security solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments.

Test Data Management. Representative data, compliant for test environments

Get Significant Application Quality Improvement without Major Investment Performance driven. Quality assured.

Industrial Cyber Security Risk Manager. Proactively Monitor, Measure and Manage Industrial Cyber Security Risk

Test Environment Management. Full Lifecycle Delivery and Support

Get Significant Application Quality Improvement Without Major Investment. Performance driven. Quality assured.

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

Cyber Security Evolved

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

Project, Program & Portfolio Management Help Leading Firms Deliver Value

NNIT Cybersecurity. A new threat landscape requires a new approach

Automotive Suppliers and Cybersecurity

Website (Digital) & Mobile Optimisation. 10 April G-Cloud. service definitions

THE WORLD IS MOVING FAST, SECURITY FASTER.

Cybersecurity The role of Internal Audit

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

Get Significant Application Quality Improvement without Major Investment Performance driven. Quality assured.

Key Cyber Risks at the ERP Level

Impact of Cybersecurity Innovations in Key Sectors (Technical Insights)

Wealth management offerings for sustainable profitability and enhanced client centricity

Preemptive security solutions for healthcare

FFIEC Cybersecurity Assessment Tool

Cyber security Building confidence in your digital future

SkySight: New Capabilities to Accelerate Your Journey to the Cloud

Fraud Solution for Financial Services

A collaborative and customized approach to sourcing testing and quality assurance services Performance driven. Quality assured.

Core Banking Transformation using Oracle FLEXCUBE

State of Security Survey GLOBAL FINDINGS

WHITE PAPER SPLUNK SOFTWARE AS A SIEM

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY

Metrics that Matter Security Risk Analytics

Cyber Security - What Would a Breach Really Mean for your Business?

A Guide to Successfully Implementing the NIST Cybersecurity Framework. Jerry Beasley CISM and TraceSecurity Information Security Analyst

CYBER SECURITY TRAINING SAFE AND SECURE

How do you give cybersecurity the highest priority in your organization? Cyber Protection & Resilience Solutions from CGI

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

The Changing IT Risk Landscape Understanding and managing existing and emerging risks

Securing Critical Information Assets: A Business Case for Managed Security Services

Cyber security: Are consumer companies up to the challenge?

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things

My Experience. Serve Users in a Way that Serves the Business.

Strengthen security with intelligent identity and access management

Developing National Frameworks & Engaging the Private Sector

Risk and responsibility in a hyperconnected world: Implications for enterprises

Cybersecurity Delivering Confidence in the Cyber Domain

CONSULTING IMAGE PLACEHOLDER

Accenture Intelligent Security for the Digital Enterprise. Archer s important role in solving today's pressing security challenges

Cybersecurity. Considerations for the audit committee

Microsoft s cybersecurity commitment

Building Secure Cloud Applications. On the Microsoft Windows Azure platform

Payment Card Industry Data Security Standard

Reducing Cyber Risk in Your Organization

Logging In: Auditing Cybersecurity in an Unsecure World

Capgemini and Pegasystems: Delivering Business Value through Partnership

Security & privacy in the cloud; an easy road?

CyberSecurity Solutions. Delivering

Digital Customer Experience

Transforming Your Core Banking and Lending Platform

Strategies for assessing cloud security

Where insights lead Cybersecurity and the role of internal audit: An urgent call to action

Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

CYBER SECURITY, A GROWING CIO PRIORITY

EMC CONSULTING SECURITY STANDARDS AND COMPLIANCE SERVICES

Detecting Anomalous Behavior with the Business Data Lake. Reference Architecture and Enterprise Approaches.

Compliance. Review. Our Compliance Review is based on an in-depth analysis and evaluation of your organization's:

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Building Blocks of a Cyber Resilience Program. Monika Josi monika.josi@safis.ch

North American Electric Reliability Corporation (NERC) Cyber Security Standard

Finding the areas for improvement in plans, processes and procedures to protect shareholder value Performance driven. Quality assured.

Information Security Services

How To Protect Your Network From Attack From A Network Security Threat

ISE Northeast Executive Forum and Awards

The Aerospace & Defence industry of tomorrow

Managed Security Services

Maintaining PCI-DSS compliance. Daniele Bertolotti Antonio Ricci

IBM Penetration Testing Services

OECD PROJECT ON CYBER RISK INSURANCE

Transcription:

Home Overview Challenges Global Resource Growth Impacting Industries Why Capgemini Capgemini & Sogeti Cybersecurity Strategic Consulting Enabling business ambitions, resilience and cost efficiency with strategies for tackling cybersecurity issues We support cybersecurity transformations with assessments, diagnosis and audits of your organization, the protection mechanisms you have implemented and your security supervision capabilities related to sensitive data, critical infrastructures and digital transformation. This enables you to define your cyber security strategy and transformation roadmap.

Understand your position and increase your AWARENESS of CYBERSECURITY 2

Understand your position and increase your awareness of cybersecurity As Digital Transformation initiatives gain pace across the world, the threat of cyber attack grows in tandem. Further risks stem from the evolving business and regulatory requirements and technology trends that are posing new cybersecurity challenges and endangering the success of digital programs. In this landscape, while cyber criminals have matured and professionalized, Social, Mobility, Analytics, Cloud and Internet of Things (SMACT) technologies make today s digital enterprise increasingly vulnerable. The criminals are quick to exploit this. The cost both financially and in reputational damage is huge. Estimates suggest the annual cost of cybersecurity attacks is anything from $375 billion to $575 billion. Add to this the once loyal customers who take their business elsewhere following a security breach, reduced competitive advantage, fines, and loss of business due to system downtime, and it s clear why mitigating the threat of cyber attack is a strategic priority. Indeed, cybersecurity is a Board concern strongly linked to trust, innovation, competitiveness and business growth. Safeguarding customer data, research and development findings, intellectual property, business development documentation, and other critical information assets must be addressed in the context of Digital Transformation. For example it should embrace Cloud and Mobile computing, as well as Big Data, IT, Operational Technology (OT) and Internet of Things (IoT). Business leaders in both strategic and operational roles must answer vital questions. How do you know if your business is resilient enough? Are you compliant with privacy and security regulations and corporate policy? Is it possible to combine digital transformation with acceptable risks, and how secure are your websites, IT infrastructures, applications and data? Capgemini and Sogeti help to answer these questions with insight into enterprise security positions. This informs strategies for successful cybersecurity. The more you know about your real situation (vulnerabilities and security controls), the more you can strengthen your organization with effective solutions and procedures for governance, risk and compliance (GRC). 3

The CYBERSECURITY challenges 4

The cybersecurity challenges Cyber threats (sabotage, fraud, theft, etc.) and regulatory requirements (personal data protection, critical infrastructures resilience, breach / leak notification, etc.) are an escalating global concern. This raises a number of issues for the modern digital enterprise, including the following four challenges: 10101010001111111111000000 1010101000111111111100000000 1010101000111111111100000000 0101000111111111100000001110 10001111111111000000010101000 100101010111100000000110010101 1000110101010110000000001010100101 10001110101010000000001110010101000 10000101010000000000000011101010100 10001111111111000000000101010101010 10001101010101110000000001010101010 100011111010101010000000001010101 0101 1010 1110 1 0 1 0 0 1 1 0 1 0 0 0 1 0 1 0 1 1 How to evolve the traditional security model so that there is a focus on data, people and risks. This demands a rebalancing of security protection from network centric to data centric in the fight against data leaks linked to digitization, as well as solutions adapted to anticipate unknown risks. Where best to invest now that security operations no longer rely solely on IT protection. Investment must be balanced between a cycle of cybersecurity activities comprising: anticipation > prevention > protection > detection > reaction (as depicted here). How to align the new cybersecurity vision with business as part of the transformation journey to deliver deep changes in the security function. Protection should be based on the 5 pillars of: data center security; applications & database security; endpoints security; identity & access management (IAM); and data security. How to evolve the security function towards a people-centric approach in order to avoid employees being the weak link. This can be achieved by developing a cybersecurity culture and by strengthening professionalization of security people (including crisis management exercise). In a cyber environment with ever-changing risks and threats, our Strategic Consulting services help clients to meet these challenges. How? By providing the insight needed to aggressively establish sound cybersecurity practices that do not hinder businesses performance. Based on a clear Target and Roadmap, we define transformation programs enabling our Operational Consulting teams to implement standards (ISO 27xxx and others) and relevant solutions. 5

Partnerships with leading security vendors ensure our clients benefit from the latest tools and technologies to safeguard their enterprise assets. These include partners who are specialists in 50 different security product segments (identity access management (IAM), security information and event management (SIEM), etc.). 5 key pilars of Cybersecurity strategy and architecture Datacenter & Network / Application & database / Data in transit / Endpoints / Identity & Access The World Economic Forum Global Risks 2015 report highlights a number technological risks among the most important global macro risks. Data fraud or theft and cyber attacks are listed in the 10 most likely risks, while the breakdown of critical information infrastructure and networks is among the top 10 risks in terms of impact. The report also points to massive and widespread misuse of technologies as a global risk. Security processes Security architecture Security/privacy by design People awareness Data leak prevention Vulnerability assessment Endpoints Apps Capgemini/Sogeti Data Cybersecurity Infrastructure IAM Threat monitoring Application security testing, system penetration testing Data leak monitoring Computer Security Incident Response Team (CSIRT) Security Operation Center (SOC) Security incident remediation actions The cycle of cybersecurity operations Investment must be wisely balanced between these 12 activities 6

A GLOBAL RESOURCE POOL of consultants and experts 7

A global resource pool of consultants and experts Capgemini and Sogeti s Strategic Consulting services are a key component of our broader Cybersecurity Global Practice. This comprises more than 2,500 specialists with cybersecurity skills and a deep knowledge of relevant standards, methodologies, tools and processes. The complete portfolio of services and technologies is designed to help organizations defend themselves against cyber crime, while leveraging the power of SMACT technologies. It s a comprehensive cybersecurity transformation suite of methodologies and services giving clients proven practices, world-class consulting and technology, and leading edge managed security services. These are built on the five pillars of cybersecurity defense: Users, Applications, End-points, Infrastructure and data security Our Cybersecurity Strategic Consulting professionals have proven experience of defining and implementing the right strategy, target operating model and GRC structure to help clients ensure their security design and operations support strategic objectives and business continuity. We accompany our clients throughout their digital and cybersecurity transformations with services integrated into the cybersecurity strategy, along with protection and monitoring capability. Securing your Digital Transformation By planning ahead with a cybersecurity strategy as part of your Digital Transformation journey, you will be in a more confident position to stay compliant and achieve cost savings. Your organization will derive a range of benefits around the three key themes of enabling growth, improving resilience and reducing cost. Within these themes, we help our clients to enable Digital Transformation and innovation, while protecting their assets and reputation so that they sustain business growth. We help to extend security from deterrence and protection to prevention and full resilience. And we minimize the impact of breaches and attacks and ensure efficient compliance with regulations, such as those relating to personal data protection. 8

CYBERSECURITY enabling business growth through digital innovation 9

Cybersecurity enabling business growth through digital innovation Cybersecurity is a business enabler for building trust in the digital world. We have deep experience in cybersecurity transformation across Financial Services, Utilities, IT Services, Manufacturing, Government, and other sectors. With a strong focus on data / information protection and IT / OT resilience our Cybersecurity Strategic Consulting services comprise: Cybersecurity & Information Protection Maturity Assessment we elaborate a transformation program (quick wins, hot topics and mid-term roadmap) based on a 360 approach (technology, people, process, regulation) leveraging international standards and our own referential; Cybersecurity Organization Transformation and Professionalization we take a global approach to cybersecurity management, encompassing both IT, OT and Data Protection, throughout a qualitative and quantitative assessment of resources (internal and outsourced), organization and governance. We aim to enhance the professionalization of enterprise cybersecurity based on a clear target organization chart, job descriptions (CISO, DPO, analyst, architect, etc.), RACI matrix, governance scheme, sourcing strategy and training / certification programs. Cybersecurity Awareness & Change Management we put people at the heart of cybersecurity by helping to deploy a relevant cybersecurity cultural change plan (communication, awareness and training) according to profiles, topics, resources and timing. The change management approach depends on a client s maturity and is a central tenet of successful transformation program implementation; Data Classification/Protection/Privacy/Leakage based on a maturity assessment, we focus cybersecurity programs on critical data protection across the end-to-end process. We help to identify critical data assets and build a data management roadmap including data governance, data classification, identity and access management, storage and destruction, encryption and data leak; 10

Economics and Cyber Insurance for our more mature and biggest clients, our service includes an assessment of cybersecurity budget and its split between organization, protection and supervision. We analyze OpEx and CapEx, people and tools. We also enable our client to review their cyber insurance policy. Crisis Management for C-levels cyber attacks are commonplace and our task is to help our clients to be ready to manage cybersecurity crisis (by elaborating and testing concrete scenarios in their business and operational context). A cyberdefense training platform will be provided in 2016. Our consultants will help you to increase risk control (security and privacy) throughout an effective change management process that balances the risks and opportunities of your digital journey. 11

Impacting Industries 12

Impacting Industries The impact of successful cybersecurity attacks is felt not just on corporate IT, but on the business and its executive too. Our insight, experience and cybersecurity capabilities will ensure your business is resilient against such attacks. Our Strategic Cybersecurity Consulting services have helped diverse organizations increase employees awareness of the importance of cybersecurity and define their cyber defense strategies. Clients in Manufacturing, Industry, Utilities, Financial services and the Public Sector have drawn on our Cybersecurity & Information Protection Maturity Assessment service. This features maturity questionnaires (cybersecurity & information protection baseline, data protection, data privacy, critical infrastructures, human factor), as well as market standards (ISO, ISF, S2C2) and automated tools. Our Cybersecurity Organization Transformation and Professionalization service saw us drawing on knowledge of our clients businesses and intimacy with their executives to support transformation initiatives of their security models (organization, key functions and roles, skills, RACI, training program, ) for organizations in Industry, Financial Services, High Tech and the Public Sector. We have provided Cybersecurity Awareness & Change Management solutions for a large UK Public Agency and international groups (Banks, Insurance, Services), as well as a number of Oil and Gas companies. We adopt best practices and provide acceptable use policies, ready-to-use content and support for employees, IT staff, executives, etc., (on site, online/e-learning, use of different communication channels, and key performance indicators). Our Data Classification/Protection/Privacy/Leakage service has helped to protect data assets for a number of international groups (Banks, Insurance, Oil & Gas). We use assessment questionnaires and classification materials, and deploy best practices for information lifecycle protection. Our Economics & Cyber Insurance service has helped to review clients strategy and funding to optimize their cyber security budget based on a deep maturity assessment (Telco, Utilities, High Tech). Our Crisis Management for C level service has helped a large European Administration to prepare itself in the event of a cyber attack through crisis management exercise. 13

Why Capgemini and Sogeti? 14

Why Capgemini and Sogeti? Ongoing discussions at executive level on the risks and opportunities of Digital transformation Significant investment to further develop our reputation as a global service provider enables us to address C-level cybersecurity concerns from a business risk perspective. We work closely with Chief Information Officers, Chief Digital Officers and Chief (Information) Security Officers, Business leaders and Executives to ensure cybersecurity is an effective business enabler. As you would expect from a global leader in cybersecurity consulting, we work with the highest industry standards to address: Sensitive data protection and data privacy including big data issues Critical IT and systems security Cloud and mobile computing security challenges Protection of Operation Technology and connected objects Keep your organization ahead of current and emerging practices in a rapidly changing business and information technology landscape with Cybersecurity Strategic Consulting from Capgemini 15

About Capgemini and Sogeti For more details contact: Pierre-Luc Réfalo Head of Strategic Consulting pierre-luc.refalo@capgemini.com The information contained in this document is proprietary. Copyright 2015 Capgemini and Sogeti. All rights reserved. Rightshore is a trademark belonging to Capgemini. With 180,000 people in over 40 countries, Capgemini is one of the world s foremost providers of consulting, technology and outsourcing services. The Group reported 2014 global revenues of EUR 10.573 billion. Together with its clients, Capgemini creates and delivers business, technology and digital solutions that fit their needs, enabling them to achieve innovation and competitiveness. A deeply multicultural organization, Capgemini has developed its own way of working, the Collaborative Business Experience TM, and draws on Rightshore, its worldwide delivery model. Sogeti is a leading provider of technology and software testing, specializing in Application, Infrastructure and High-Tech Engineering Services. Sogeti offers cutting-edge solutions around Testing, Business Intelligence, Mobile, Cloud and Security. Working closely with its clients, Sogeti enables them to leverage technological innovation and achieve maximum results. On Software Testing Sogeti is worldwide market leader. Our 2700 passionated employees are known for there skills. Sogeti brings together more than 20,000 professionals in 15 countries and has a strong local presence in over 100 locations in Europe, USA and India. Together Capgemini and Sogeti have developed innovative, business-driven quality assurance (QA) and Testing services, combining best-in-class testing methodologies (TMap and TPI ) to help organizations achieve their testing and QA goals. The Capgemini Group has created one of the largest dedicated testing practices in the world, with over 12,300 test professionals and a further 14,500 application specialists with Testing experience, notably through a common centers of excellence with testing specialists developed in India and elsewhere. TMap, TMap NEXT, TPI and TPI NEXT are registered trademarks of Sogeti, part of the Capgemini Group. Learn more about us at www.capgemini.com/cybersecurity or www.sogeti.com/cybersecurity MCOS_GI_AH_20151210

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information