Bolster security with an end-to-end lifecycle approach

1. HP ENTERPRISE SECURITY CONSULTING SERVICES
Bolster security with an end-to-end lifecycle approach
At-a-glance
To help our clients achieve cost-effective, efficient, and improvement. Failure to address security in even one
business-driven information security, HP Enterprise stage can ratchet up risk and introduce vulnerabilities,
Security Consulting Services are designed around an not just in that stage, but throughout all links in the
information security lifecycle. This holistic consulting lifecycle chain.
approach helps ensure that your information security
is effective and aligned to your financial and business Consulting services for every security
goals, as well as legal and regulatory requirements. lifecycle stage
HP Enterprise Security Consulting Services help
The information security lifecycle
you to implement and maintain cost-effective and
True information security in the enterprise demands efficient management of risk throughout the ATOM
more than just limiting access, chasing viruses, and security lifecycle. You simply select one or more of the
erecting firewalls. We prefer to think of security as a complementary packages below, and our consultants
comprehensive, end-to-end process, the ATOM security provide a set of clearly defined consulting services that
lifecycle. It begins with Assessment of your current together cover every stage of the security lifecycle. HP
state, continues with Transformation of that state, Enterprise Security Consulting Services add up to an
moves to security Optimization, and finally to best integrated and holistic security offering that delivers
practice Management that leads to continual complete, consistent information security for the global
enterprise, as well as an environment of continuous
security improvement.
Consulting services in the ATOM security lifecycle • Security Risk and Control Assessment: Delivered
by our experienced consultants, this assessment
can include an interactive security discovery
Manage workshop as well as evaluation of both strategic
and business risks. This consulting service enables
Managed governance a comprehensive risk management plan—a
and compliance
roadmap that forms the foundation for security
1. Security Risk 6. Security
improvements throughout your organization.
and Control Governance
• Security Architecture and Technology
s
Assessment and Compliance
ses
Integration: With an understanding of risk and
Man
As
Risk management Analyzed risk a roadmap for improvement in place, the next
age
plan management reports
step is to design your security architecture
2. Security and infrastructure, and to integrate essential
Architecture and 5. Security Metrics
security technologies. Security Architecture
Transform
Technology and Reporting
Integration and Technology Integration includes
design/build services that result in a fully
Risk management
systems
Risk management
data
functioning cybersecurity implementation.
It also offers a complete list of services
ize
tim
3. Threat and 4. Digital devoted to security incident and event
Op
Op
Vulnerability Investigation
management (SIEM), as well as services
tim
Management Services
for identity and access management,
ize
Proactively managed data protection, and privacy. Together
risks
these consulting services help you
design and implement a full-featured
Optimize risk management system that
meets the security needs of your
enterprise.

2. • Threat and Vulnerability Management: Once best practices and helps solve both technological
you have a securely designed infrastructure and and business-related information security issues.
appropriate technology in place, HP services can Another service is compliance management, in
help you proactively manage risk. Using tools from which HP security consultants work with your teams
HP and other vendors, consultants analyze internal to assure end-to-end adherence to your security
and external threats, using a risk-based approach strategy, policies, and operations. These services
to proactive management. Penetration testing helps also can address specific issues, such as meeting
identify any network vulnerabilities and prioritize the ISO 27001 standard for information security
them in terms of severity and risk. In addition, our management systems, or complying with the
consultants can eliminate vulnerabilities by deleting Payment Card Industry (PCI) Data Security Standards
data from storage devices, or even physically (DSS 2.0). In addition, government-accredited
destroying those devices. consultants are at your command for authoritative
• Digital Investigation Services: The next vital element advice and guidance on security risk management,
of risk management in the lifecycle is the collection and to help you make management decisions in
of risk management data, via services for response accordance with official policy.
and investigation discovery. When an actual
or potential incident occurs, a Security Incident Why HP for enterprise security
Response Team (SIRT) helps you rapidly implement consulting
countermeasures to deal with it, while digital/ Engaging a security consultant does not change
computer investigation services help investigate the fact that information security risk management
inappropriate or illegal activity and can collect is still your responsibility. However, HP Enterprise
and present evidence for legal purposes. We also Security Consulting Services are designed to
provide e-Disclosure/e-Discovery services that help you transform your information security risk
can recover lost data from most types of media, management from circumstances where you rely
including RAID devices, hard disk drives, or solid- on tactical, technological infrastructure fixes to a
state media. stable environment where you are in full control of
• Security Metrics and Reporting: In addition to risk the risk to information and data. To get you to that
management, we offer services to help you capture safe, stable state, we arm you with unparalleled
metrics about your risk response, and we use security knowledge and skills, and provide you with
predictive analysis and appropriate monitoring to full assurance of the confidentiality, integrity, and
help ensure your responses to threats are continually availability of your business-critical information assets.
improving. An iterative security workshop captures
We are uniquely able to offer a comprehensive,
your organization’s metrics; that data is then fed to
holistic, and business-based approach to information
a sophisticated modeling process designed by HP
risk management throughout the security lifecycle,
Labs to produce customized predictive scenarios.
and to offer that approach on a worldwide scale.
These services can produce a risk management
Moreover, with HP you are assured of unrivalled
report and analysis and help you make cost-effective
access to technology, a thorough understanding of
strategic decisions about future risk management.
best practice standards, and the leadership that comes
• Security Governance and Compliance: Our with HP’s cutting-edge research and development.
governance and compliance services help ensure
managed governance and compliance throughout
For more information
the entire security lifecycle. You can, for example,
engage a senior HP security consultant who, acting www.hp.com/enterprise/security
as Client Security Officer (CSO), shares industry
Share with colleagues
Get connected
www.hp.com/go/getconnected
Get the insider view on tech trends, alerts, and
HP solutions for better business outcomes
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only
warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein
should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
4AA3-9669ENW, Created February 2012