Accenture Intelligent Security for the Digital Enterprise. Archer's important role in solving today's pressing security challenges




The opportunity to improve cyber security has never been greater
229: Average days breached before discovery
2,287: Days of longest presence
67%: Notified by external entities
Source: Mandiant M-Trends 2014 Threat Report
Source: Verizon 2014 Data Breach Investigations Report

Cyber criminals follow a common attack lifecycle
Advanced threat agents are mature, organized, well funded and have strong motivations to achieve their objectives.
Threat Agents
Nation States: Cyberwarfare, intellectual property theft, and espionage
Organized Crime: Monetization of data theft, fraud, attacker for hire services, etc.
Activists: Drawing support for a cause, or drawing negative attention to a target
Competitors: Corporate espionage, reputation damage, disruption of operations
Attack lifecycle (labels in the order they appear on the slide)
Initial Compromise
Target Acquisition: Establish attack target (systems/services, data, resources)
Recon: Perform technical and human reconnaissance
Infiltration
Period of Presence
Silent Egress: Remove evidence and/or retain covert access

Organizations need to move beyond a control or audit-centric mindset
COMPLIANCE
Audit-centric
Controls based
Driven largely by regulatory requirements
Sample based
Scope limited by audit domain
Evaluated on a quarterly or annual basis
SECURITY
Business-centric
Policy based
Driven by business requirements
Scope is holistic enterprise and extended community (i.e. 3rd parties, suppliers, partners)
Evaluated on a near real-time basis

Intelligent security adopts new capabilities to secure organizations
Threat Intelligence; Active Defense; Vulnerability Management; Security Incident Management; Risk Management; Advanced Security Analytics; Operational Monitoring

Intelligent security utilizes sophisticated technologies
[Diagram labels] AUTOMATION INCIDENT RESPONSE VISUALIZATION ANALYTICS BIG DATA PLATFORM Threat Network Logs Endpoint Intelligence Data Context

The Intelligent Security Operating Model integrates these capabilities
SECURITY AUTOMATION & SERVICE MANAGEMENT: A business measurement program focused on overall security posture and cyber security effectiveness
VULNERABILITY MANAGEMENT: Identification and management of organizational vulnerabilities
OPERATIONAL MONITORING: Centralized monitoring of infrastructure, users, and data events for alerts
SECURITY INCIDENT MANAGEMENT: The identification, response to, and recovery from security incidents
EXPLORATORY SECURITY ANALYTICS: Contextualization, data modeling, and visualization of operational monitoring data
THREAT INTELLIGENCE: Collection, modeling, and analysis of organizational threats
ACTIVE DEFENSE: Dynamic response and counter-measures to active attacks
[Diagram flow labels] Vulnerability Context; Events; Operationalize Analytics; Alerts; Focused Monitoring Requests; Incidents; Intelligence Gathering; Triggers

RSA's portfolio contains solutions to meet today's challenges
RSA Advanced Security Operations Center Solutions: Security Analytics; ECAT; Data Loss Prevention
RSA IT Security Risk Management Solutions: Vulnerability Risk Management; Security Operations Management
RSA Archer GRC Solutions: Regulatory Compliance Management; Business Continuity Management; Operational Risk
RSA Live Intelligence
Many more

RSA's portfolio aligns with the Intelligent Security Operating Model
SECURITY AUTOMATION & SERVICE MANAGEMENT: RSA Security Operations and RSA Archer GRC
VULNERABILITY MANAGEMENT: RSA Vulnerability Risk Manager
OPERATIONAL MONITORING: RSA Security Analytics for Network; RSA Security Analytics for Logs
SECURITY INCIDENT MANAGEMENT: RSA Security Operations; RSA ECAT
EXPLORATORY SECURITY ANALYTICS: Warehouse Visualization
ACTIVE DEFENSE: RSA Archer GRC VMware
THREAT INTELLIGENCE: RSA Live Intelligence
[Diagram flow labels] Vulnerability Context; Events; Operationalize Analytics; Alerts; Focused Monitoring Requests; Incidents; Intelligence Gathering; Triggers

RSA Archer provides context and workflow to intelligent security
RSA Archer Enterprise Management: Business hierarchy; Asset catalog; Asset Risk information
RSA Security Operations (SecOps): Security event triage Program Management Breach Communication Workflow
RSA Vulnerability Risk Manager (VRM): Vulnerability Risk Prioritization Vulnerability Repair Workflow
RSA Security Analytics (SA): Network Packet collection Event Log collection Alerting Security event analysis tools
RSA ECAT: Endpoint Breach Analysis

RSA Vulnerability Risk Manager is built on Archer and Analytics
[Diagram labels] RSA VRM IT Security Analyst CISO VULNERABILITY ANALYTICS ANALYTICS ENGINE DATA COLLECTOR Devices Tickets Exceptions KPIs Administrator ARCHER VULNERABILITY RISK MANAGEMENT REPORTS WORKFLOWS RISK MANAGEMENT CONNECTION WITH GRC

RSA Security Analytics is integrated with Archer
[Diagram labels] RSA SecOps CONTEXT ALERTS Incident Response Breach Response LAUNCH TO SA Aggregate Alerts to Incidents SOC Program Management Dashboard & Report Capture & Analyze Packets, Logs & Threat Feeds RSA Archer Enterprise Management (Context) RSA Archer BCM (Crisis Events)

Getting Started: A Roadmap for Intelligent Security

Getting Started on Intelligent Security
Foundational capabilities: Establish capabilities to enable detection and response to known attack vectors
Contextual awareness: Develop deep contextualization of security events, uncover advanced threats early
Adaptive threat management: Deploy a flexible control model to proactively deter attacks by increasing the attacker's cost
CAPABILITIES (listed in slide order across the three stages)
Define core metrics for program success
Form security operations center (SOC) and incident response (IR) teams
Develop incident response processes and procedures
Collect system logs and network traffic
Develop vulnerability management and threat intelligence capabilities
Secure business application development
Supplement SOC with breach hunters looking to identify early-stage attacks
Deploy a big data advanced analytics platform
Supplement SOC with data science capabilities
Optimize SOC based upon performance metrics
Orchestrate and automate responses
Share threat intelligence information

Great opportunity to improve cyber security
Intelligent security addresses this opportunity: New capabilities; Sophisticated technologies; Integrated operating model
RSA's portfolio is well aligned to enable intelligent security

THANK YOU