Your SlideShare is downloading. ×
  • Like
London 2012 brochure - Identity, Security and Risk Management
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.


Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

London 2012 brochure - Identity, Security and Risk Management


Can CIOs really fully manage their business risk across an entire enterprise and mitigate the impact that security breaches could have on the company as a whole? …

Can CIOs really fully manage their business risk across an entire enterprise and mitigate the impact that security breaches could have on the company as a whole?

The IT systems of the Olympic Games are protected by the same system as those of our clients – Atos High Performance Security (AHPS). AHPS monitors its IT environment at all times, finding suspicious activity as it occurs. This new Fast Track Guide on Identity, Security and Risk Management is quick to read and formed from the very latest thinking and describes the Atos solutions that enable the CIO to manage business risk across an entire enterprise.

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads


Total Views
On SlideShare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide


  • 1. Identity, Security and Risk Managementtransformingrisk efficiencyvalue and intoYour business technologists. Powering progress
  • 2. Securing your business whilemaximizing opportunities“Protecting the Businesses today are confronted with privacy and a seemingly limitless variety of threats, integrity of including identity theft, organized hacking, intellectual property ever-changing legislative and compliance and customer requirements, data loss, and more. information is part As evidence of this, an online, underground D  igital Security – Using familiar tools of bedrock of a marketplace exists where people can actually buy viruses and Trojans, such as Zeus, and then such as identity management, antivirus, modern network modify them and attack your business in new firewalls, intrusion prevention and other technologies to defend the enterprise from enabled business .” ways. These attacks are being conducted by would-be attackers. coordinated gangs interested chiefly in money, but sometimes espionage as well, and less often C  ompliance and Risk Management these days simply for ‘bragging rights’. – ensuring that your business is able to evidence alignment with regulatory and Against this ‘threat backdrop’, you are legislative requirements. Although this can simultaneously being asked to embrace involve tools and technology, it is more a multitude of new technologies. Take for focused on process enabled business example the “Cloud”. This new technology could controls, governance and staff behaviour. enable business models which may offer your company new revenue streams and innovative A comprehensive approach is required to ways to control costs, but not without taking align digital security with compliance and risk some risks. In fact, for many companies, management and critically to ensure that ‘weak security issues are preventing them from links’ are avoided. Atos’ approach combines rapidly ‘integrating with the cloud.’ a holistic understanding of security and the regulatory requirements for your industry. But, if you want to take advantage of new By understanding your business process growth opportunities, how much risk are you controls and control needs first we ensure that willing to accept, and how do you manage that your compliance and security investment and risk to the best advantage of your shareholders? operations are well aligned with your most How do you transform risk into value? Atos can pressing industry compliance requirements help you do just that. and valuable business information assets. We can help you evaluate and balance the risks Our ultimate goal is to help you to grow involved and find a way of managing those your business by enabling agile operating risk through your IT, governance and business model changes which would be too risky processes. And while managing business risk in a enterprise with less well integrated risk and digital security remains a basic business management processes. For example by requirement, it is spread across two increasingly enabling your enterprise to bring a new social complex yet related and growing areas networking enabled business to market which of concern: could generate millions in additional revenue but which will only deliver upside benefit if the downside risks are well managed. That is what we call ‘transforming risk into value’, enabling you to take the upside benefit whilst reliably managing your downside operational risks.2 Transforming risk into value and efficiency Transforming risk into value and efficiency 3
  • 3. It’s all about trust –governance to regulatorycompliance to digital security Through a three-stage cycle of assessment, transformation and ongoing management, M  itigate risk by restricting access to sensitive data and improving security monitoring “Anchoring the we help your company understand the risks it faces and how to manage those risks such that L  ower costs by managing complexity and capabilities and you can leverage new business opportunities. For example exposing business processes to automating compliance, identity and security management procedures perspectives the web for ecommerce can be a great way of opening up a new revenue stream but only if I mprove the agility of your business by of regulatory the security risks are well managed. We take providing the right people with access to the compliance an integrated view across an enterprise and its business controls, application controls and right resources at the right time. management and infrastructure controls. And because we have an in-depth understanding of both the business Our capabilities and expertise include: digital security and IT controls required for effective compliance and security we can create a unifiedapproach A  comprehensive understanding of regulatory compliance requirements together will and perspective across your company. supported by over 500 experienced business consultants and security experts worldwide reduce your total We help organizations worldwide to address cost of compliance their most complex compliance and security challenges and to: A  proven track record of executing large multinational digital compliance and security and security A  chieve business-driven governance by projects in complex IT environments management whilst automating the enforcement and reporting of A  deep understanding of digital identity management, for example we manage 17 improving the business policies and compliance mandates million secure digital identities for the UK Government Gateway Service Portal efficiency of both.” H  elp you apply effectively the regulations your industry mandates A  trusted forensic security capability which includes the operation of state accredited security product evaluation centres P  artnerships with world leading security and risk management technology providers such as McAfee, Oracle, Novell, RSA/EMC and Microsoft.Identity, Security and Risk Management (ISRM)solutions from Atos enable you to manage yourbusiness risk across your enterprise top to bottom.We have a long, exemplary history of deliveringhighly effective, award winning solutions, tailoredto individual needs. Our solutions have beendeployed at nuclear power stations, for air trafficcontrol systems and at the Olympic Games.4 Transforming risk into value and efficiency Transforming risk into value and efficiency 5
  • 4. Strengthening trustrelationships – eliminatingthe weakest link Control transformation Aligning people, process and technology enabled controls with risk appetite GRC IAB Brand Trust and Value Business Risk and Control Control Management Profiling STA MSS Managing controls Understanding risk efficiently, exposure appetiteOur approach to Identity, Security and Risk Management (ISRM) consistently andis based on a simple, three-stage methodology with the goal of reliably across the enterprisereducing risk, growing your business and enabling trust betweenyour organisation and your industry value chain. The three stages,as illustrated in the diagram, are Risk and Control Profiling, ControlTransformation, and Business Control Management.6 Transforming risk into value and efficiency Transforming risk into value and efficiency 7
  • 5. Risk and Control Profiling Ongoing Business Control Management Risk and Control Profiling enables you to discover and understand the risks you are After identifying risks and implementing exposed to, or are considering exposure to, appropriate controls, Atos can offer you whilst being able to plan your risk appetite. ongoing managementof controls and The art here is to reduce the volume of supporting technologies, ensuring an ideal unknown, unmeasured threats and unknown balance amongst compliance requirements, control requirements. This process can be IT security issues and operational expense. genuinely enlightening, sometimes revealing We offer these services via our Managed very significant business risks. Security Services (MSS) one part of which is Atos High Performance Security, which offers We support this stage from our Governance, real-time risk management, event correlation Risk and Compliance (GRC) offerings. GRC and monitoring of your security offers methodologies, processes and skilled, and compliance 24x7x365. experienced staff who can measure and benchmark risk, providing advice and support regarding the business impact and cost of treatment of topics such as legislative and “Your security regulatory control requirements, security strategy and more. and compliance management is Control Transformation only as strong as This stage enables you to change how you manage risk by addressing the people, process the weakest link.” and technology aspects of business controls. Our IAB (Identity,Access and Biometrics) and STA (Security Technical Advisory) services are designed to help you adapt controls to manage risk as effectively as possible. We can help you improve data privacy by encrypting data on mobile devices across the enterprise, or deploy identity management technologies to both lower costs and improve auditability. Other STA and IAB services we offer include reducing regulatory compliance costs via IT In January 2007, the US retail company TJX announced that automation and reducing help desk costs via biometric solutions. someone had broken into its payment systems and illegally accessed card data belonging to customers in the US, Canada, Puerto Rico, the UK and Ireland. In filings with the US Securities and Exchange Commission (SEC) in March, the company said “45.6m credit and debit card numbers were stolen over a period of more than 18 months by an unknown number of intruders.” Computer World UK8 Transforming risk into value and efficiency Transforming risk into value and efficiency 9
  • 6. Why Atos?Atos bring together risk management, regulatorycompliance and digital security. We have done “We help you navigate throughthis for Olympic Games, for nuclear power plantsand for air traffic control systems, as well as for the challenges of governance, risksome of the best known companies in the world.We put our clients first, and work to understand management and compliance,the unique challenges our clients face. We adaptour solutions to your specific needs and can while optimizing available budget.”provide total security solutions, from consultingto implementation to ongoing services. Weprovide these security services today, tothousands of clients throughout the world, andcan do the same for you. Governance Risk and Compliance Security Technical Advisory Security Maturity Assessment PCI DSS Business Continuity Management Vulterability Analysis Security Strategy Data Loss Prevention Security Awareness Training Cloud Security Assessment Services Managed Security Services Identity, Access and Biometrics Atos High Performance Security Identity Management Security Risk Management Help Desk Cost Reduction10 Transforming risk into value and efficiency Transforming risk into value and efficiency 11
  • 7. About AtosAtos is an international information technologyservices company with annual 2011 proforma revenue of EUR 8.5 billion and 74,000employees in 48 countries. Serving a globalclient base, it delivers hi-tech transactionalservices, consulting and technology services,systems integration and managed services.With its deep technology expertise and industryknowledge, it works with clients across thefollowing market sectors: Manufacturing, Retail,Services; Public, Health & Transports; FinancialServices; Telecoms, Media & Technology;Energy & Utilities.Atos is focused on business technology thatpowers progress and helps organizations tocreate their firm of the future. It is the WorldwideInformation Technology Partner for the Olympicand Paralympic Games and is quoted on theParis Eurolist Market. Atos operates under thebrands Atos, Atos Consulting & TechnologyServices, Atos Worldline and Atos Worldgrid.For more information, visit: atos.netFor more information:Please contact Atos, the Atos logo, Atos Consulting, Atos Worldline, Atos Sphere, Atos Cloud, Atos Healthcare (in the UK) and Atos Worldgrid are registered trademarks of Atos May 2012© 2012 Atos.