Reducing Business Risks By Implementing A Vulnerability Management Process

Transcript

  • 1. How to reduce business risks by implementing a VULNERABILITY MANAGEMENT process? Edvinas Pranculis, MM, CISA, CISM, Regional Account Manager – Eastern Europe & Central Asia
  • 2. Agenda: Risk Management; Vulnerability Management; QualysGuard & SaaS Model; Q&A
  • 3. Risk Management Process. How to treat risk? Risk Treatment Techniques: Risk Transference; Risk Acceptance / Tolerance; Risk Mitigation / Reduction; Risk Avoidance; Risk Containment. (* AS/NZS 4360:2004)
  • 4. Defining Risk & Risk Mitigation. What is the most effective way to reduce risk? Risk Mitigation Techniques: Reduce Threats; Reduce Vulnerabilities; Reduce Asset Value; Detect; Recover. [Figure label: EFFECTIVENESS] Level of Risk = f(BI, LoT, LoV)
  • 5. Need for Vulnerability Management. Vulnerabilities on network are GOLD to cyber criminals: – Provide unauthorized entry to networks – Can expose confidential information, fuel stolen identities, violate privacy laws, or paralyze operations – Exposure is extreme for networks with vulnerable devices connected by IP. Sources of Vulnerabilities: Programming errors; Unintentional mistakes; Intentional malware software; Improper system configurations; Remote users sidestepping perimeter security; Rising attacks through viewing popular websites; Flaws in algorithms; etc.
  • 6. Key to Security? Fixing problems before bad guys find them… Hacking Linux Exposed: “… the countermeasure that will protect you, should a hacker scan your machines with a scanner, is to scan your own systems first. Make sure to address any problems and then a scan by a hacker will give him no edge…”
  • 7. Security + Compliance Lifecycle Workflow. Under this new paradigm, a system is deemed out of compliance if it is: vulnerable to attacks; improperly configured; in violation of internal policies or external regulations.
  • 8. Security + Compliance Delivered as a Service. Bringing Security and Compliance Audits in a Single Solution, Operationalising it and Delivering it as a Service. NO SOFTWARE TO INSTALL AND MAINTAIN
  • 9. The Security + Compliance Conundrum. Leveraging CobIT, ISO, ITIL and NIST Security & Compliance Frameworks. [Figure labels: Reporting; Communicate and consult]
  • 10. QualysGuard Global Infrastructure. Security + Compliance: End to End Security. Annual Volume of Scans: 500+ million IP audit scans with 7,000 scanner appliances in over 85 countries. The world's largest VM enterprise deployment at a Forbes Global 50 with 220+ scanner appliances deployed in 52 countries scanning ~700 000 IPs
  • 11. QualysGuard Adoption by Industry Verticals (Page 2 of 2): Media; Energy/Utilities; Consumer Products; Health Care; Manufacturing; Education; Transportation; Government
  • 12. QualysGuard Adoption by Industry Verticals (Page 1 of 2): Insurance; Financial Services; Chemical; Portals/Internet; Retail; Technology; Consulting
  • 13. Qualys Strategic Partners Global Partner Network Media
  • 14. Benefits of Vulnerability Management. Vulnerability management gives you control and visibility to manage your network's security effectively and document compliance. Vulnerability management is a PROACTIVE approach to security.
  • 15. Q&A. Thank You. epranculis@qualys.com. Please visit www.qualys.com for a 14-day FREE trial - NO SOFTWARE TO INSTALL OR MAINTAIN -