Security Collaboration
Challenges & Best Practices

Risk Factory Information Security Coordination Challenges & Best Practice


Coordinating information security goals and objectives across an enterprise can be difficult. Presentation identifies the challenges and best practices for overcoming them.

Published in: Business, Technology
  • $2,000 USD
  • $5000,000 USD
    Low risk – High reward
  • $5000,000 USD
    Low risk – High reward
  • $5000,000 USD
    Low risk – High reward
  • $5000,000 USD
    Low risk – High reward
  • $5000,000 USD
    Low risk – High reward
  • $5000,000 USD
    Low risk – High reward
  • Don’t smile. I’m serious.
  • Don’t smile. I’m serious.
  • $5000,000 USD
    Low risk – High reward
  • $5000,000 USD
    Low risk – High reward
  • $2,000 USD
  • Your kids
  • $2,000 USD
  • $2,000 USD
  • Your kids
  • $2,000 USD
  • Your kids
  • Go forth and multiply
  • Risk Factory Information Security Coordination Challenges & Best Practice

    1. Security Collaboration: Challenges & Best Practices
    2. “Everyone likes coordination. No one likes to be coordinated.”
    3. Why Collaborate?
       • Cost benefits = reduction of time, manpower & resources
       • Do once, use many
       • Improve defences at local sites
       • Force multiplier: Army instead of individual cyber Samurais
       • Achieve higher level of security
    4. Army model
    5. Why?
       • Bad guys do it!
       • Masters at information collaboration
       • Excel at sharing:
         – Tools
         – Targets
         – Vulnerabilities
    6. Cultural Challenge
       • “Need to know” is in our DNA
       • “Need to share” contradicts our most basic professional instincts
       • How do we transition from a professional culture of “need to know” to one of “need to share”?
    7. Cultural
       • We fail to recognize the intrinsic value of data.
       • Data is the oil of the information age
       • Any device that processes, stores or transmits data = target for cyber criminals
    8. Intrinsic value =
    9. Failure to Understand
    10. Cultural
       • A fundamental shift has occurred
       • The game changes when adding, modifying or deleting data can result in cash.
       • A 21st century gold rush is underway
       • And everyone wants a stake
    11. Cultural Challenge
       • We fail to understand the interconnectedness of all things
       • We see IT security as the security of computers, laptops, mobile devices
       • In fact, everything is a computer
       • Everything is connected to everything
       • = Expanding domain for cyber security
    12. Cultural
       • Copiers, faxes & scanners
       • PABX, telephones & voice mail
       • HVAC, UPS & fire suppression systems
       • CCTV, card access & alarm systems
       • Anyone connected to your network and all of their devices
    13. Old Model
       • All IT expected to support business = servers, O/S, applications, desktop, mobile devices + security
       • Business requests IT services = security comes back with a list of no’s
       • Businesses don’t comply with policies they don’t understand
       • Only way forward = collaboration
    14. Knowledge Challenges
       • Lack common goals & objectives
       • Not my job syndrome
       • Lack commonality of purpose
       • What are we trying to protect?
       • Physical assets vs. informational assets
       • Physical assets only require physical security controls
    15. Myopic Vision
    16. Knowledge Challenges
       • What are the devices that give access to those assets?
       • What are the threats to those devices?
       • What are the vulnerabilities?
       • What is an anomaly?
       • What needs reporting?
       • Reputation: breach = failure
    17. Other Challenges
       • Operational
       • Global requirement
       • Multiple & changing threats
       • Regional, country site specific
       • No tool
       • Multi-directional information flows
    18. Challenges Summary
       • Why?
         – Recognizing the benefits
       • Cultural:
         – Recognizing “need to share” trumps “need to know”
         – Recognizing the intrinsic value of data
         – Recognizing the interconnectedness of things
         – Correct myopic vision
       • Knowledge:
         – Understanding what are we trying to protect?
         – Recognizing the protection of physical assets depends on the protection of networks - shared purpose
       • Threats / Vulnerabilities / Methodologies / Anomalies
       • Dissemination
       • Site-specific threats
       • Reporting
       • Information flows
    19. Information Sources
       • Assets / Threats / Vulnerabilities / Anomalies
       • Interior:
         – Site stakeholder
         – Site security stakeholder
         – Site employees
       • Exterior:
         – All 3rd party suppliers
         – Law Enforcement
         – Threat service (CERT)
    20. Activities?
       • Policy drill down (mandating interdisciplinary collaboration)
       • Subscription to threat services
       • Common asset language
       • Expand security testing scope
       • 360° training programs
       • Centralized reporting
       • Threat analysis
       • Bulletins – actionable information: threats & vulnerabilities
       • Scalable distributed messaging
       • 3rd party service level agreement audits
       • 360° feedback
    21. New Model Needed
       • Real-time information sharing model elements:
         – Protection Goals
         – Collection
         – Management (analysis)
         – Dissemination
         – Multi-directional Information flows
         – All stakeholders (interior / exterior)
    22. Model Criteria
    23. Detect Locally, React Globally
    24. Model Objective
       • Model must be designed to enhance timely sharing of relevant security threat and vulnerability information. For this enhancement to take place we must identify and break down the barriers that block vertical and horizontal communication within and between stakeholders.
    25. Best Practices Summary
       • Threat information sources (internal & external)
       • Drill down of IT security policies and procedures to address all computerized equipment
       • Establish common denominator language
       • Training, Training & Training
       • “Real time” model for:
         – Protection goals
         – Information collection
         – Information management (analysis & applicability)
         – Information dissemination
       • = HIGHER LEVEL SECURITY BUT IT’S GOING TO TAKE COORDINATION
    26. A Different Perspective
       26 Dover Street, London, United Kingdom, W1S 4LY
       +44 (0)20 3586 1025
       www.riskfactory.com
