Operationalizing security intelligence for the mid market - Rafal Los - RSA Conference 2014

Security intelligence is only worthwhile if a relevant piece of information is obtained and analyzed in a timely manner and able to aid a rapid decision-making process to mitigate an imminent threat – this capability is part of the new school security approach of Detect, Respond, Resolve with greater efficiency and speed which mid-market enterprises should be benefiting from.

Published in: Technology, Business

Transcript of "Operationalizing security intelligence for the mid market - Rafal Los - RSA Conference 2014"

  1. Operationalizing Security Intelligence for the Mid-Market. Rafal M. Los, Principal, Strategic Security Services, HP Enterprise Security Services. RSA Conference - 2014. © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  2. what is “security intelligence”?
  3. “collective set of activities, and artifacts to make intelligence-driven decisions”
  4. detect, respond, resolve more effectively in the attack lifecycle
  5. When you think of “Security Intelligence”…
  6. “something big enterprises do”
  7. why not you?
  8. this talk is a framework for you
  9. ..to get you thinking, motivated
  10. requirements
  11. high quality internal & external data + telemetry
  12. internal processes + workstreams
  13. qualified personnel
  14. intelligent, optimized technology
  15. let’s break that down…
  16. internal information/data – know your enterprise attack surface
  17. for example –
      • internal business plans
      • internal IT technology stack
      • known vulnerabilities
      • known, accepted risks
      • strict change management
      • configuration awareness
      • unauthorized change detection
      • employee activities, habits
  18. external information/data - be situationally aware
  19. for example –
      • sentiment against your brand/organization
      • threat climate of your business vertical
      • attacks against similar organizations, vertical
      • specific threats against your staff/resources
      • geopolitical issues pertaining to your enterprise
      • 3rd party reported vulnerabilities
      • 3rd party reported exploits
      • weaknesses in your external technologies
      • reported abused enterprise assets
  20. internal processes + workstreams
  21. convert information into action
  22. for example –
      • handling of inbound, external data sources
      • formats: csv, pdf, dashboards and text
      • distilling data for relevance
      • collating and categorizing with internal data
      • prioritizing alerts based on prescribed formulas
      • alerting appropriate internal & external entities
      • creating actionable items from trusted data
      • triage of event(s)
      • incident management and handling
      • incident response, dfir
  23. qualified personnel
  24. difficult to “add on” responsibility
  25. SOC analyst Security Intelligence analyst.. no
  26. highly specialized skillset
  27. for example –
      • ability to quickly parse different log types
      • ability to quickly make sense of disparate data
      • ability to collate and correlate unstructured data
      • ability to write code on-the-fly (script)
      • proficient in many different security technologies
      • able to perform collaborative tasks effectively
      • ability to triage incidents quickly, effectively
      • proficiency with forensics tools
      • strong decision-making capabilities
  28. intelligent, optimized technology
  29. tech that works together
  30. prefer integrated over disparate
  31. tech that makes analysis more efficient, adds certainty
  32. we may know a little something about this…
  33. quick recap
  34. “Security Intelligence” is.. the capability to detect, respond, and resolve your security incidents through an information-driven approach.
  35. You can do this. You need to do this.
  36. Know more. Defend smarter.