Solution overview

Protect what
Security Breach Management Solution
Solution overview | Security Breach Management Solution

Cyber breaches come from a variety of sources. Some
are subtle; s...
Solution overview | Security Breach Management Solution

Our approach





Breach management

Solution overview | Security Breach Management Solution

•	Digital Forensics Services—Security experts and HP technology l...
Upcoming SlideShare
Loading in...5

Security Breach Management Solution


Published on

Solution Overview Security Breach Management

Published in: Technology
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Security Breach Management Solution

  1. 1. Solution overview Protect what matters Security Breach Management Solution
  2. 2. Solution overview | Security Breach Management Solution Cyber breaches come from a variety of sources. Some are subtle; some are not. A majority go undetected until a third party notifies the enterprise. Then the impact can be enormous. It’s difficult to prevent a security breach. Mobility and cloud threats are increasingly sophisticated, persistent, and unpredictable. You’re dealing with complex technology crossing hybrid environments and diverse geographies. And despite your efforts, business dynamics, technology, and evolving threats are a continuous challenge and can often result in unforeseen events. Breaches come from a growing variety of sources: • IT system attacks and intrusions • Unauthorised system activity • Malicious software • Advanced persistent threats • ther access, manipulation, or deletion O of information and data Four primary requirements for effective breach management • Define • Detect • Defend • Deter HP delivers flexible choices: • Forensic Readiness Services • Managed Security Information and Event Management (SIEM) • Security Incident Response Services • Digital Forensics Services • E-Disclosure/e-Discovery Services • Data Recovery Services Breaches can also come from a growing variety of sources: IT system attacks and intrusions, unauthorised system activity, malicious software, advanced persistent threats, and any other access, manipulation, or deletion of information and data. Many breaches are so subtle in nature that the overwhelming majority go undetected until a third party notifies the enterprise. Their impact can be enormous: They can cripple normal operations and damage relationships with customers and investors. The organisation may be subject to steep financial penalties and breach notification laws in specific industries or locations where they do business. In fact, the average breach event is likely to cost several million dollars in staff time, productivity, and legal restitution. The damage to the company’s reputation can be incalculable. But you can’t lock everything down. Securing enterprise information means something completely different in a world where you share, collaborate, and openly exchange data in a complex technical environment. Today’s enterprise security must be flexible enough to enable high volumes of interaction. It also must mitigate risk and ensure compliance. Organisations will need to enable secure access to the correct information in the context of each decision. This means advanced security tools covering exchanges inside and outside of the enterprise. When technology is evolving fast, this sophisticated and evolving protection can be a major IT undertaking. HP can help you establish the processes and procedures for an optimal end-to-end approach to breach management. Whether you’ve had a breach or want to create an effective response capability, we rapidly deploy a highly skilled and experienced cyber security team and our progressive technology to your enterprise. We’ll collaborate with you to establish visibility, remediate issues, and put tactics into place that guard against future incidents. We provide full lifecycle solutions that let you confidently implement forward-thinking ideas and get better results. You’ll also move beyond risk reduction and compliance to plans that enable your enterprise to achieve more, exceed expectations, and embrace innovative technology. Define. Detect. Defend. Deter. There are four primary requirements for effective breach management. These should form the core of your strategy and are the abilities you must develop as a secure organisation. Define Enterprises need to define an overall strategy and security lifecycle to be prepared to detect and defend against attacks. This should address planning, risk assessment, policy creation, and controls. Robust business and technical architecture can greatly add to the level of resilience required to withstand a concerted attack. By building security into this architecture, organisations can know they are as prepared as can be for breaches. 2
  3. 3. Solution overview | Security Breach Management Solution Our approach Define Detect Defend Deter Breach management Read i ne s s • Threat analysis re • Forensic interrogation c t i ve m ea su • Situational awareness Posture analysis rre Event monitoring • Comprehensive visibility Co Security controls Programme maturity s Detect Early detection limits the damage caused by an attack. After an organisation has a clear and defined strategy, it is critical to ensure there is an ability to monitor and detect potential activity. Understanding baseline environment volumes, types, and performance is essential to knowing types of attacks, points of attacks, and the attack vector used. It takes a combination of people, process, and technology to develop a method for gaining situational awareness and actionable security intelligence, which will help you prepare for rapid alerting of attacks. Defend There are no fail-safe measures available to prevent attacks; however, HP recommends protecting your critical services and information through defined strategies. Your defensive strategy should reduce risk through threat removal, closure of the vulnerability, and control of the impact. A strong approach is a multilayered defence that helps you identify a breach faster, react quicker, minimise impact better, and reduce ongoing exposure. This results in a cost reduction, greater control, and declining risk exposure over time. Deter Collaboration and sharing of security intelligence enable organisations to identify and overcome many attack methods and sources. With robust mechanisms in place for tracking, logging, and auditing security breaches, there is support for legal pursuits against attackers. Review flexible choices HP can integrate existing technologies and services into an overall security breach management solution from a tactical, remedial, or strategic perspective. Our portfolio enables you to leverage our services as an integrated approach or for a specific need. Relevant services include: • Forensic Readiness Services—Specialised consulting and assessment are used to create a proactive plan to identify valid changes within your IT environment. This lets you trace a forensic trail and produce the best possible digital evidence in the event of a security incident, diminishing disruption and cost to the business. • Managed Security Information and Event Management (SIEM) —Services provide a designed, built, and managed system to collect and correlate masses of information and transform it into comprehensive dashboard displays and management reports, and actionable alerts. With SIEM, you can detect fraud, expose internal and external threats, and spotlight weaknesses in security enforcement. These services also demonstrate government regulations and policies compliance. • Security Incident Response and Breach Response Services— Expert monitoring is always available 24x7x365, providing detection and countermeasures through rapid, predetermined incident response. In the event of a breach, we dispatch a team of security experts to your location for immediate breach containment plus assessment, investigation, and recommendations to reduce future vulnerability. HP can send this team as a onetime activity or as part of a regular service based on retainer/contracted hours. Featuring HP ArcSight, SIEM technology, and Breach Response Services, and leveraging our teams’ expertise around the clock, we ensure incidents are escalated and processed quickly and efficiently when they arise. 3
  4. 4. Solution overview | Security Breach Management Solution • Digital Forensics Services—Security experts and HP technology locate, secure, and interpret data to determine the outcome of high-stakes investigations. This may include historical and real-time analysis, centralised forensic services, and implementation of compensating controls to expose and isolate sophisticated threats. • E-Disclosure/e-Discovery Services—Specialists in military and law enforcement backgrounds develop tight processes for accurate data capture, logging, and audit trail reporting for use in legal and regulatory investigations following an incident. • Data Recovery Services—Mitigate data loss or deletion consequences by designing and implementing processes for backup and recovery. Experienced security services teams are on call 24x7 to act as your virtual team or as an extension to your team. Meet your needs When it comes to security breach management, security requirements and expectations differ dramatically from one enterprise to another. That’s why HP provides flexible services, all in tune with your specific enterprise, industry, and geographic needs. We deliver what you need the most, including: • 24x7x365 rapid response from a highly experienced and industry-certified global security incident response team • Global and multilingual support to help you wherever you are located • Less downtime through a fast and experienced response • Experience with compliance and regulatory requirements • Our efforts ensure that operational integration is tightened amongst security incident response services, SIEM services, host- or network-based intrusion detection services, or other protective monitoring solutions and technologies. Expect expertise Across the security spectrum and throughout your operations, HP delivers the solutions that protect what matters. Incorporating HP Labs and the capabilities of our industry partnerships, we deliver cutting-edge technologies to help you securely manage the appropriate sharing of information and capture opportunities. Our capabilities across traditional IT and hybrid environments include: • Security consulting and technology • Managed security services • Security governance • Risk and compliance services Our highly experienced team includes: • Over 3,000 security and privacy professionals worldwide • Sworn law officers and former law agents experienced in case tracking, investigation, and resolution • Consultants with a variety of global IT and security certifications, including CHECK, CLAS, CISSP, CISM, CISA, CLEF, IISP, ISO 27001 Lead Auditor, PCI QSA, and more Learn more at Sign up for updates Share with colleagues Rate this document © Copyright 2012, 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. 4AA4-4441EEW, January 2013, Rev. 1