Cybersecurity: Mission integration to protect your assets



Similar documents
CYBER4SIGHT TM THREAT INTELLIGENCE SERVICES ANTICIPATORY AND ACTIONABLE INTELLIGENCE TO FIGHT ADVANCED CYBER THREATS

Cyber4sight TM Threat. Anticipatory and Actionable Intelligence to Fight Advanced Cyber Threats

Cyber ROI. A practical approach to quantifying the financial benefits of cybersecurity

Data Lake-based Approaches to Regulatory- Driven Technology Challenges

Middle Class Economics: Cybersecurity Updated August 7, 2015

DoD Strategy for Defending Networks, Systems, and Data

The Comprehensive National Cybersecurity Initiative

Mobile Application Security. Helping Organizations Develop a Secure and Effective Mobile Application Security Program

STATEMENT BY DAVID DEVRIES PRINCIPAL DEPUTY DEPARTMENT OF DEFENSE CHIEF INFORMATION OFFICER BEFORE THE

Booz Allen Cloud Solutions. Our Capability-Based Approach

Cybersecurity Delivering Confidence in the Cyber Domain

CyberM 3 Business Enablement: Cybersecurity That Empowers Your Business with Comprehensive Information Security

Department of Homeland Security INFORMATION TECHNOLOGY STRATEGIC PLAN

COUNTERINTELLIGENCE. Protecting Key Assets: A Corporate Counterintelligence Guide

(U) Appendix D: Evaluation of the Comprehensive National Cybersecurity Initiative

CLOSING THE DOOR TO CYBER ATTACKS HOW ENTERPRISES CAN IMPLEMENT COMPREHENSIVE INFORMATION SECURITY

SITUATIONAL AWARENESS MITIGATE CYBERTHREATS

Partnership for Cyber Resilience

DEFENSE INFORMATION SYSTEMS AGENCY STRATEGIC PLAN UNITED IN SERVICE TO OUR NATION

Developing a Mature Security Operations Center

THE WHITE HOUSE. Office of the Press Secretary. For Immediate Release February 12, February 12, 2013

The Geospatial Approach to Cybersecurity: An Executive Overview. An Esri White Paper January 2014

OPTIMUS SBR. Optimizing Results with Business Intelligence Governance CHOICE TOOLS. PRECISION AIM. BOLD ATTITUDE.

Lessons from Defending Cyberspace

ENTERPRISE COMPUTING ENVIRONMENT. Creating connections THROUGH SERVICE & WORKFORCE EXCELLENCE

The Path Ahead for Security Leaders

SOCIAL MEDIA LISTENING AND ANALYSIS Spring 2014

THE HUMAN FACTOR AT THE CORE OF FEDERAL CYBERSECURITY

Getting in Front of the Cybersecurity Talent Crisis

CFO Changing the CFO Mindset on Cybersecurity

Cyber/IT Risk: Threat Intelligence Countering Advanced Adversaries Jeff Lunglhofer, Principal, Booz Allen. 14th Annual Risk Management Convention

NATIONAL STRATEGY FOR GLOBAL SUPPLY CHAIN SECURITY

Managing cyber risks with insurance

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

Cyber security Building confidence in your digital future

Cyber Risk to Help Shape Industry Trends in 2014

Business resilience: The best defense is a good offense

Statement. Mr. Paul A. Brinkley Deputy Under Secretary of Defense for Business Transformation. Before

CYBER SECURITY, A GROWING CIO PRIORITY

CYBER SECURITY Audit, Test & Compliance

Technology. Building Your Cloud Strategy with Accenture

CyberReady Solutions. Integrated Threat Intelligence and Cyber Operations MONTH DD, YYYY SEPTEMBER 8, 2014

TOP SECRET//SI//REL TO USA, AUS, CAN, GBR, NZL TOP SECRET//SI//REL TO USA, AUS, CAN, GBR, NZL. (U) SIGINT Strategy February 2012

DEFENSE SECURITY SERVICE

Technology. Building Your Cloud Strategy with Accenture

Strategic solutions to drive results in matrix organizations

Cyber Threat Intelligence and Incident Coordination Center (C 3 ) Protecting the Healthcare Industry from Cyber Attacks

DoD CIVILIAN LEADER DEVELOPMENT FRAMEWORK COMPETENCY DEFINITIONS. Leading Change

CyberSecurity Solutions. Delivering

SOCIAL MEDIA LISTENING AND ANALYSIS Spring 2014

Statement of Gil Vega. Associate Chief Information Officer for Cybersecurity and Chief Information Security Officer. U.S. Department of Energy

Security for Financial Services: Addressing the Perception Gaps in a Dynamic Landscape

Cybersecurity on a Global Scale

Talent & Organization. Organization Change. Driving successful change to deliver improved business performance and achieve business benefits

IBM Executive Point of View: Transform your business with IBM Cloud Applications

Cybersecurity Converged Resilience :

Advanced Threat Protection with Dell SecureWorks Security Services

2015 Michigan NASCIO Award Nomination. Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy

Consulting. PMOver Transforming the Program Management Office into a Results Management Office

Security solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments.

10Minutes. on the stark realities of cybersecurity. The Cyber Savvy CEO. A changed business environment demands a new approach:

Remote Management Services Portfolio Overview

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

Operations Excellence in Professional Services Firms

Become a hunter: fi nding the true value of SIEM.

CYBER SECURITY GUIDANCE

How do you give cybersecurity the highest priority in your organization? Cyber Protection & Resilience Solutions from CGI

2 Gabi Siboni, 1 Senior Research Fellow and Director,

Cybersecurity and internal audit. August 15, 2014

Symantec Global Intelligence Network 2.0 Architecture: Staying Ahead of the Evolving Threat Landscape

Cisco Security Optimization Service

Cyber security Building confidence in your digital future

FFIEC Cybersecurity Assessment Tool

Risk and responsibility in a hyperconnected world: Implications for enterprises

How To Change A Business Model

Experience the commitment WHITE PAPER. Information Security Continuous Monitoring. Charting the Right Course. cgi.com 2014 CGI GROUP INC.

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY

Actions and Recommendations (A/R) Summary

DYNAMIC INFRASTRUCTURE Helping build a smarter planet

Addressing APTs and Modern Malware with Security Intelligence Date: September 2013 Author: Jon Oltsik, Senior Principal Analyst

BIG SHIFTS WHAT S NEXT IN AML

NASCIO 2014 State IT Recognition Awards

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

EVERYTHING YOU NEED TO KNOW ABOUT MANAGING YOUR DATA SCIENCE TALENT. The Booz Allen Data Science Talent Management Model

Cyber Security Market by Solution - Global Forecast to 2020

ICBA Summary of FFIEC Cybersecurity Assessment Tool

FIVE PRACTICAL STEPS

Transcription:

Cybersecurity: Mission integration to protect your assets C Y B E R S O L U T I O N S P O L I C Y O P E R AT I O N S P E O P L E T E C H N O L O G Y M A N A G E M E N T Ready for what s next

Cyber solutions from Booz Allen Hamilton help you achieve true cyber power. Cyber power is the strategic use of information and communications technologies to enable economic growth, empower society, and enhance national security, while simultaneously keeping cyberspace secure. In all aspects of business, government, and society, cyber capabilities offer great promise and peril. With more users and systems coming online, and new threats and attacks emerging every day, securing the cyber realm is one of the greatest challenges facing organizations today. Cybersecurity is more than technology, and more than information assurance and network security. It s a complex, multi-dimensional challenge that demands a multi-faceted and strategic solution. Count on Booz Allen Hamilton for solutions that help you be ready for what s next. Be sure. Be safe. Be ready. We help provide the building blocks to get you there. Booz Allen brings extensive experience deploying cybersecurity solutions for organizations of all kinds, from defense and national security agencies to civil and commercial sectors including finance, energy, health, and technology. With thousands of cyber professionals, Booz Allen is ready and able to help you achieve the benefits of cyber power, while mitigating the risks and improving your organization s readiness and response.

The key to cybersecurity is integration. Our Mission Integration Framework aligns essential areas to address the real issues. Network security has expanded in scope to what we now call cybersecurity. To protect the most critical information, cyber strategies and solutions must deliver on several fronts. Today, it is necessary to think bigger than technology and address complex policy, human capital, management, and operational issues. Booz Allen offers an integrated framework to help clients address all issues and strengthen cybersecurity in any environment. Keeping pace in a world that keeps changing Many cyber solutions in the market can be summed up in one word: fragmented. Solve one problem and another arises. Challenges include investments in technology without training or full integration, strategists working independently from operators, or outmoded acquisition and procurement approaches that fail to keep pace with the changing threats and evolve to meet an organization s needs. At the same time, sophisticated cyber-attack tools proliferate on the Web, while the barriers to entry continue to fall. Because the challenges are significant, response and preparation must be equally bold, decisive, and comprehensive. As information and communications technology (ICT) systems become more integral to business operations and critical infrastructure, cybersecurity must be seen as a strategic enabler rather than a tactical afterthought. Putting it all together: Mission Integration The key to cybersecurity is an integrated approach. In many cases, thinking bigger means thinking in multiple dimensions leveraging the tools, talent, and resources at your disposal for a multi-disciplinary approach to protect assets. From our perspective, success requires a consistent, systematic approach that integrates all elements of cybersecurity Policy, Operations, People, Technology, and Management. By aligning these five key areas, Booz Allen s unique Cyber Mission Integration Framework informs decisionmaking and strengthens readiness across the board. Every American depends directly or indirectly on our system of information networks. They are increasingly the backbone of our economy and our infrastructure; our national security and our personal well-being. President Barack Obama 3

policy OPERATIONS Enable cybersecurity with a unified approach Transform operational strategies to mitigate enterprise risks Policy is integral to leverage resources, reduce conflict and redundancy, and work toward long-term cybersecurity goals. Comprehensive policy informs the entire cybersecurity framework, laying out what needs to be done and who has the authority to do it. Booz Allen helps clients establish policy guidance to provide direction and perspective, and devise strategy to explore various options to accomplish the policy ends. Next, we help you leverage doctrine to translate the strategy into an overarching operating model, illustrating how various people, process, and technology functions fit together to accomplish the mission. At the same time, governance delivers a coherent and consistent decisionmaking structure, clarifying decision rights and a model that avoids decision ambiguity and paralysis by analysis. Booz Allen helps integrate all elements of cybersecurity to instill consistency, engage stakeholders, and inform decision-making. This is key to translating intent into a viable operating model. 1 From the US Office of Counterintelligence report, October 2011, Foreign Spies Stealing US Economic Secrets in Cyberspace, Report to Congress on Foreign Economic Collection and Industrial Espionage, 2009-2011. Businesses and government agencies are under constant attack from adversaries seeking to disrupt operations or steal intellectual capital, financial information or military secrets. China and Russia, for example, are among the most aggressive, pervasive, and sophisticated threats, stealing economic data and technology at an alarming rate. 1 Traditional cybersecurity operations models aimed at preventing intrusion are inadequate against today s advanced persistent threats. Organizations must be able to anticipate new threats, not just react after attacks, and look beyond IT management to achieve a broader view to protect assets, reputation, competitiveness, financial viability, and more. The key to enterprise risk management is to build multiple layers of defense within an organization and with partners across the cyber ecosystem. These layers of defense must be broader than just technology alone, as vulnerabilities may exist across people, policy, process, and management areas as well. Booz Allen s Dynamic Defense approach strengthens operations to be proactive, dynamic, and adaptive. We help organizations evolve cybersecurity from an IT issue of protecting networks and data to an effective enterprise-wide approach that considers all areas of risk. With increasing reliance on digital technologies to carry out daily functions and support missions, effective cyber operations must consider a holistic view to defend the enterprise. Our process integrates threat awareness to identify vulnerabilities, rapid response to an attack to facilitate recovery and mitigate impact, cyber maturity diagnostics to provide ongoing insights into risks and weaknesses with a corresponding plan to enhance an organization s cybersecurity posture, and evolutionary response to develop remediation strategies and build on lessons learned. By layering defenses through policy, people, technology, and management processes, your organization will be ready to react to attacks because it has been proactive in anticipating and preparing for them. Leverage solutions that provide real-time awareness of threats and rapid response to attacks for flexible, evolving cyber operations throughout your organization and with business partners 4

PEOPLE TECHNOLOGY Build a collaborative culture armed with cyber-ready talent The human dimension of cybersecurity is critical, encompassing everything from technical and leadership skills to organizational culture and communications. Cyber-secure organizations must be able to identify, recruit, develop, and retain a cyber-aware, cyber-ready workforce that can understand and adapt to advanced persistent cyber threats. Part of the challenge is to ensure the right skill set for network operators and defenders, cyber intelligence analysts, cyber leaders, even front-line employees. But it also requires the right mindset: a collaborative, cyber-aware culture that can detect and respond to threats that span organizational and geographic boundaries. Booz Allen consultants work with clients to maximize the human factor. We help clients develop a comprehensive approach to cyber human capital, from competency modeling and workforce planning to cyber-specific recruiting and retention strategies. We also help clients train and develop talent, so that cyber professionals and leaders have the requisite state-of-the art skills. And we help clients engage key internal and external organizational stakeholders, to keep them aware and informed of the cyber threat, to optimize the organization s internal climate and culture, and to build and sustain the external relationships necessary to effectively anticipate and overcome cyber events. Leverage game-changing technologies and standards to maximize security in the digital environment While point solutions such as firewalls, antivirus software, and intrusion detection systems are essential, true cybersecurity requires a holistic approach to technology. From understanding current requirements and the impact of changes in technology capabilities to implementing appropriate solutions, our technology approach is aimed at realizing your competitive edge and staying ahead of fast-moving threats. This vital work falls into three primary areas. Strategic innovation, research, and development provides for ongoing awareness and integration of emerging technologies to understand their benefits and impact, and to stay a step ahead of would-be cyber attackers. Requirements development looks at business needs across all sectors of the organization to ensure technology systems will be reliable and resilient and will support the mission of the organization. Finally, technology is about engineering and implementing solutions that are modular, interoperable, scalable, and can be integrated in a cost-efficient manner. From identity and access management, to cloud computing security and service oriented architecture (SOA), count on Booz Allen to enable the right technologies for your needs. Be ready for the opportunities ahead. We consider all aspects of the people challenge, including competency development, curriculum planning, stakeholder analysis, change management, and strategic communications. Evaluate options, build effective architectures, and establish standards to ensure interoperability, integration, and innovation through technology. 5

MANAGEMENT Ensure an integrated management system to stay ready and respond effectively Managing security and cyber capabilities across the enterprise takes more than technology. With advanced persistent threats and sophisticated attacks on the rise, the vigilant enterprise must respond with an integrated management strategy that addresses technology, policy, people, and operations. These interdependent elements are critical to managing risks, monitoring assets and supply chains, training employees, providing for resiliency and recovery, and ensuring program oversight and performance of business-critical functions. Our integrated approach helps organizations build a layered defense against cyber threats and enables them to better recognize vulnerabilities, respond to and limit attacks that do get through, and evolve from lessons learned and compliance requirements. It provides the discipline to prioritize investments and resources based on their value to the organization s business and mission, and the flexibility to quickly deploy new technologies or support a surge in operations. For many leaders, the challenge of cyber management lies in staying focused on the big picture rather than the end solution. Management that aligns its resources with the organization s strategy and goals can reduce risks and damage from attacks, develop a culture where employees are knowledgeable and mindful about security policies, and protect high-impact assets and investments. Multidimensional cyber challenges demand a comprehensive approach to ensure control and continuity of critical functions and requirements. Count on Booz Allen for expertise to help you establish performance criteria, address gaps, and improve accountability for resource management at all levels, in all functions. 6

Across sectors, Booz Allen helps address risks and readiness with results integrated and adapted for your market, your challenges Information and communications technologies continue to dramatically alter and impact our economy, society, and national security. In the next 10 years, the reach and impact of cyberspace will accelerate as another billion users in China, India, Brazil, Russia, Indonesia, and the Middle East gain access to the Internet. Systems will become more diverse, distributed, and complex, and ever more critical to day-to-day functioning. ENERGY FINANCE HEALTH TRANSPORTATION As you consider this reality, think about your organization s cyber readiness. Where are you vulnerable? How can you mitigate the risks while fueling progress? Turn to Booz Allen for answers Booz Allen is poised with smart solutions that address all the issues. With extraordinary cyber talent and our Mission Integration Framework to guide you, we will help you devise the right policy and strategy to power your operations with the best people and technologies to manage the challenges ahead. INTELLIGENCE HOMELAND SECURITY DEFENSE Use of Department of Defense images does not constitute or imply endorsement. 7

C Y B E R S O L U T I O N S P O L I C Y O P E R AT I O N S P E O P L E T E C H N O L O G Y M A N A G E M E N T About Booz Allen Booz Allen Hamilton has been at the forefront of strategy and technology consulting for nearly a century. Today, the fi rm provides professional services primarily to the US government in defense, intelligence, and civil markets, and to major corporations, institutions, and not-for-profi t organizations. Booz Allen offers clients deep functional knowledge spanning strategy and organization, engineering and operations, technology, and analytics which it combines with specialized expertise in clients mission and domain areas to help solve their toughest problems. Booz Allen is headquartered in McLean, Virginia, employs more than 25,000 people, and had revenue of $5.59 billion for the 12 months ended March 31, 2011. To learn more, visit www.boozallen.com. (NYSE: BAH) Contacts: CYBER Randy Hayes Vice President hayes_randy@bah.com 703-377-5501 POLICY Dave Sulek Principal sulek_david@bah.com 703-984-0798 OPERATIONS Rick Stotts Principal stotts_richard@bah.com 210-244-4265 PEOPLE Ron Sanders Senior Executive Advisor sanders_ ron@bah.com 703-984-0016 TECHNOLOGY Brian Hubbard Principal hubbard_brian@bah.com 410-684-6607 MANAGEMENT Nadya Bartol Senior Associate bartol_nadya@bah.com 301-444-4114

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information