SECURITY RISK MANAGEMENT. FIRST 2007 Seville, Spain



Similar documents
WHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION

Cyber Security RFP Template

Best Practices for Threat & Vulnerability Management. Don t let vulnerabilities monopolize your organization.

Proactive Security through Effective Management

Attack Intelligence: Why It Matters

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

THE TOP 4 CONTROLS.

Integrated Threat & Security Management.

Bringing A New Operational Discipline to Network Security

NEXPOSE ENTERPRISE METASPLOIT PRO. Effective Vulnerability Management and validation. March 2015

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

SECURITY POLICY MANAGEMENT ACROSS THE NEXT GENERATION DATA CENTER

Attaining HIPAA Compliance with Retina Vulnerability Assessment Technology

Risk Analytics for Cyber Security

SharePoint Governance & Security: Where to Start

Vulnerability management lifecycle: defining vulnerability management

BUILDING AN EFFECTIVE VULNERABILITY MANAGEMENT PROGRAM. Henrik Åkerstrand Account Executive Nordics

AlgoSec. Managing Security at the Speed of Business. AlgoSec.com

Using Skybox Solutions to Achieve PCI Compliance

Effective Threat Management. Building a complete lifecycle to manage enterprise threats.

Scalability in Log Management

WHITE PAPER. Attaining HIPAA Compliance with Retina Vulnerability Assessment Technology

IT Security & Compliance. On Time. On Budget. On Demand.

Best Practices for Building a Security Operations Center

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

Vulnerability Management

Optimizing Network Vulnerability

Best Practices for Vulnerability Management

NERC CIP VERSION 5 COMPLIANCE

HP Application Security Center

Prevent cyber attacks. SEE. what you are missing. Netw rk Infrastructure Security Management

User s Guide. Skybox Risk Control Revision: 11

I D C E X E C U T I V E B R I E F

Prevent cyber attacks. SEE. what you are missing. Netw rk Infrastructure Security Management

How to Painlessly Audit Your Firewalls

IBM Security QRadar Risk Manager

Extreme Networks Security Analytics G2 Vulnerability Manager

Next-Generation Vulnerability Management

Total Protection for Compliance: Unified IT Policy Auditing

Best Practices for PCI DSS V3.0 Network Security Compliance

Scanless Vulnerability Assessment. A Next-Generation Approach to Vulnerability Management

Metrics that Matter Security Risk Analytics

How To Manage A Network Security Risk

Worldwide Security and Vulnerability Management Forecast and 2008 Vendor Shares

The Value of Vulnerability Management*

IBM Security IBM Corporation IBM Corporation

Security solutions White paper. Acquire a global view of your organization s security state: the importance of security assessments.

The Firewall Audit Checklist Six Best Practices for Simplifying Firewall Compliance and Risk Mitigation

McAfee Database Security. Dan Sarel, VP Database Security Products

An Introduction to Network Vulnerability Testing

NETWORK PENETRATION TESTING

2015 Enterprise Vulnerability Management Trends Report

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

RSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief

Breaking down silos of protection: An integrated approach to managing application security

Cisco Advanced Services for Network Security

White Paper The Dynamic Nature of Virtualization Security

Avoiding the Top 5 Vulnerability Management Mistakes

The Business Case for Security Information Management

Application Security in the Software Development Lifecycle

ETHICAL HACKING APPLICATIO WIRELESS110 00NETWORK APPLICATION MOBILE MOBILE0001

O N L I N E I N C I D E N T R E S P O N S E C O M M U N I T Y

Serro Solutions Enables Managed Security Service Providers to Optimize Networking Performance and Cost

QRadar SIEM 6.3 Datasheet

How To Monitor Your Entire It Environment

What a Vulnerability Assessment Scanner Can t Tell You. Leveraging Network Context to Prioritize Remediation Efforts and Identify Options

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS)

Risk Calculation and Predictive Analytics: Optimizing Governance, Risk and Compliance.

Continuous Network Monitoring

ADDING NETWORK INTELLIGENCE TO VULNERABILITY MANAGEMENT

Using Risk Modeling & Attack Simulation for Proactive Cyber Security Predictive Solutions for Effective Security Risk Management

Top 20 Critical Security Controls

Cautela Labs Cloud Agile. Secured.

Extreme Networks Security Analytics G2 Risk Manager

Information Security Services

SANS Top 20 Critical Controls for Effective Cyber Defense

2015 Enterprise Vulnerability Management Trends Report

Introduction Jim Rowland, Senior System Architect and Project Manager Daly

IBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer

IBM QRadar Security Intelligence April 2013

Overview. Microsoft Office Enterprise Project Management Solution. In this article

How To Buy Nitro Security

White Paper. Managing Risk to Sensitive Data with SecureSphere

Complete Web Application Security. Phase1-Building Web Application Security into Your Development Process

The Emergence of Security Business Intelligence: Risk

Standard: Vulnerability Management and Assessment

Embracing Microsoft Vista for Enhanced Network Security

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

RSA Archer Risk Intelligence

WHITEPAPER PROACTIVE SECURITY INTELLIGENCE RETURN ON INVESTMENT

Fundamentals of Information Systems Security Unit 1 Information Systems Security Fundamentals

BIG SHIFT TO CLOUD-BASED SECURITY

Hope is not a strategy. Jérôme Bei

Messaging Policy Management

Minimizing Risk Through Vulnerability Management. Presentation for Rochester Security Summit 2015 Security Governance Track October 7, 2015

Achieving Actionable Situational Awareness... McAfee ESM. Ad Quist, Sales Engineer NEEUR

Automated Firewall Change Management. Ensure continuous compliance and reduce risk with secure change management workflows

CORE Security and GLBA

ALERT LOGIC FOR HIPAA COMPLIANCE

Transcription:

SECURITY RISK MANAGEMENT FROM TECHNOLOGY VISION TO MARKET REALITY Avi Corfas, VP EMEA Skybox Security FIRST 2007 Seville, Spain

Topics The Risk Assessment Challenge What Is IT Security Risk Management? The technology The process from dream to product to market leader 1 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

The Risk Assessment Challenge What you don t know can hurt you Measuring infrastructure risk is a security and a governance requirement. Despite fortunes invested, IT infrastructure security remains the great unknown Lack of visibility poor decisions Too much information need for automation 2 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

The Task is Significant Assessing IT infrastructure risk is more of an art Impossible to connect all the dots due to information overload 10 s or 100 s of business applications 1000 s of servers, routers & firewalls 10,000 s security controls and access rules 10,000 s of vulnerabilities Continuous state of change New vulnerabilities published daily Constant network changes 3 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

However the Task Can Be Simplified Through advanced analytics, performed on a virtual model, an organization s security risk profile can be measured and risk exposure proactively reduced, while gaining insight into how effective security controls and access rules are. We Call This. Security Risk Management for IT Infrastructures 4 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

What is IT Security Risk Management? The complete process of understanding threats, prioritizing vulnerabilities, limiting damage from potential attacks, understanding the impact of proposed changes or patches on the target systems and the business, and measuring all of the above. 5 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

How is SRM Different Than SEM? Attack Life Cycle Proactive Security Risk Management Reactive Security Event Management Pre-attack Attack Starting Time Post-attack 6 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

Where Does SRM Fit? Business Management Security Team IT Operations Raw Information Threat Alerts Vulnerability Scans Controls and Rules Security Risk Management Analytics Operations Execution Patches Configurations 7 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

How Does SRM Work? It All Starts With a Virtual Model Single View of Threats, Controls and Policies 8 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

Simulation Access Analysis Source Attack Paths Threats Inbound Rule 35 Access = Allow Ext. Router A Inbound Rule 35 Access = Allow Ext. Router B Inbound Rule 89 Access = Allow Ext. Firewall Inbound Rule 5 Access = Allow Core Router A Inbound Rule 5 Access = Allow Core Router B Destination Business Assets War Games for Business 9 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

Analysis Business Impact Analysis CIA (Confidentiality, Integrity, Availability) Regulation (SOX, HIPAA ) Damage levels Audit firewalls and uncover network policy violations Test and validate network configuration before deployment Managing the Risks That Matter 10 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

Mitigation Planning and Reporting Determine the most effective countermeasures What-if scenarios Workflow automation Reports geared for technical and business audiences Plan Optimal and Safe Countermeasures 11 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

SRM examples Automating the Risk Assessment and Mitigation Planning Process Challenge: Annual IT risk assessment audit performed by a team of 10 people. Due to constant network change and daily influx of new vulnerabilities findings quickly became obsolete. Goal: Move to a continuous and automated process. Challenge: Information overload. Vulnerability Scanners discovered 8500 vulnerabilities with over 1600 ranked as severe or critical. Over 20,000 security controls and access rules. Goal: Prioritized security battle plan, based on understanding which vulnerabilities are directly or indirectly exploitable according to the network access rules in place. Challenge: Hundreds of network configuration changes processed weekly. Network engineers unable to validate if proposed changes expose the organization to unacceptable risk. Goal: Reduce change validation process from weeks to hours. 12 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

Other potential SRM use cases Calculate impact of changes on network resilience Calculate impact of authentication controls on security risk Calculate impact of changes on performance Integrate Security Risk with other forms of Operational Risk SRM on data, applications, etc. 13 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

Summary - SRM Can Help 1. Continuously measure your organization s IT security risk profile 2. Build a defensible case for your security control set 3. Prioritize risk reduction projects based on their business impact 4. Deploy scarce resources on the risks that really matter (ROI) 5. Automate labor-intensive tasks and achieve operational efficiency 6. Measure and track the level of security and improvement 14 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

Entrepreneurial challenges Technology Culture The meaning of life 15 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

Technology Challenges Consistency Scalability Integrability Manageability Usability Maintainability 16 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

Cultural questions Conviction vs. communication Engineering vs. sales Local vs. global Hierarchy vs. cooperation Strong leadership vs. consensus 17 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

Fundamental questions Is it doable? Can we make a market? What exactly is that I am trying to sell? How fast should I run? Who are my constituents? Whose mistakes can I learn from? When should I let go? 18 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

A guide to the perplexed Do thorough research Surround yourself with experienced people you trust Make sure you can deal with failure and with success and with a few years of not knowing the result Then, but only then, run as fast as you can to the goal! 19 Copyright 2002-2005 Skybox Security, Inc. All rights reserved

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information