How much does it cost to be Secure?


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Level 1 – Focus on High Turnaround and Training Costs Level 3 are usually not fully onsite – This extend Time to Exposure Focus on reducing Time to Exposure Different Tools requires Different Skills and Different Training Focus on the Human Element – The human make mistakes by design © 2008 NetIQ Corporation. All rights reserved.
  • © 2008 NetIQ Corporation. All rights reserved.
  • How much does it cost to be Secure?

    1. 1. Improve ROI on Security and Compliance Management June 7, 2010
    2. 2. How Much It Cost To Be Secure? First Level Third Level Second Level *Calculated on 2080 Hours/Year Deeper it goes, longer is the Exposure and the associated Risk Cost Standard IT Security Model Resource Type Ownership % Hourly Cases Hourly Cost* Help Desk & Service Desk Low Skill Resources High Turnaround 68% 4 22$ IT Professionals Platform Specific In-House Personnel 26% 1,5 44$ Security Officers Technology Specific Mostly External 6% 0,13 112$
    3. 3. <ul><li>High value resources consumed by simple tasks </li></ul><ul><li>Different skills required for different platforms </li></ul><ul><li>Training costs </li></ul><ul><li>Adoptions of service management frameworks that incur higher than expected costs </li></ul><ul><li>Roles and responsibilities not formalized </li></ul><ul><li>New technologies that introduce unexpected management challenges </li></ul><ul><li>Inability to track and evaluate response times </li></ul><ul><li>The User is never part of the Solution </li></ul><ul><li>Impossibility to calculate the per-piece/per-transaction managing Security impact cost </li></ul>And Why?
    4. 4. Goal of IT Management Become an Efficient Business Enabler Operational Efficiency Business Enablement Goal: Cost Effective with Optimized Service Delivery Sub-Optimal: Cost-Centric and Tactical with Marginal Services Current State: Expensive and Tactical with Limited Perceived Value Sub-Optimal: Aligned To Business Goals But Expensive Efficient Business Enabler A Low Cost Provider C Expensive Business Enabler B Low Value Provider D
    5. 5. Management’s Dilemma Operational Efficiency vs. Business Enablement Significant up-front investments and the need for profound changes jeopardize or delay expected cost reductions . Off-shoring and outsourcing, combined with little investment in processes, often forsake agility and business enablement . “ The Cost Cutter” “ The Framework Adopter” Operational Efficiency Business Enablement Operational Efficiency Business Enablement
    6. 6. A Different Approach IT Process Automation Provides a Direct Route to Improve Efficiency IT Process Automation enables you to: 1 Reduce Inefficiencies from Current Security Mgmt Tools <ul><li>Eliminate manual intervention caused by routine, highly mundane tasks </li></ul><ul><li>Free administrators to focus on more critical problems to the business </li></ul>2 Integrate Tools within IT Security and Operations 3 <ul><li>Combine management data with contextual information to further streamline IT run books </li></ul><ul><li>Allow IT managers to reallocate resources to deliver strategic business projects </li></ul>Integrate the Business into IT Security Mgmt Processes <ul><li>Bridge security and business users by formalizing responsibilities within the context of IT processes </li></ul><ul><li>I mprove business alignment and reduce IT costs by involving the business in IT processes </li></ul><ul><li>Simultaneously improve both business enablement and operational efficiency </li></ul><ul><li>Demonstrate improvements in the short term and long term </li></ul><ul><li>Support both framework adoption and cost-cutting strategies </li></ul>Operational Efficiency Business Enablement 1 2 3
    7. 7. The NetIQ Security Vision Audit Monitor Control <ul><li>Be efficient on risk vs. business value </li></ul><ul><li>Understand the security and risk posture </li></ul><ul><li>Satisfy compliance mandates </li></ul><ul><li>Distributed, multi-vendor environments </li></ul><ul><li>Business alignment and policy exceptions </li></ul><ul><li>Configuration drift </li></ul><ul><li>Evolving best practices and vulnerabilities </li></ul><ul><li>Reduce risks of privileged user access </li></ul><ul><li>Protect sensitive corporate data </li></ul><ul><li>Quickly resolve threats </li></ul><ul><li>Satisfy compliance mandates </li></ul><ul><li>Invisibility of privileged user activity </li></ul><ul><li>Large volume of user-generated events </li></ul><ul><li>Excessive privileged access rights </li></ul><ul><li>Lack of integration </li></ul><ul><li>Manage planned and unplanned changes to production systems </li></ul><ul><li>Harden business elements efficiently </li></ul><ul><li>Satisfy compliance mandates </li></ul><ul><li>Impractical or ineffective change auditing </li></ul><ul><li>Restricting permissions without impeding service delivery </li></ul><ul><li>Inability to relate changes to change authorizations </li></ul>Monitor and Manage User Activity Control and Audit Configuration Manage and Enforce Change Control Goals Challenges Our Approach NetIQ Solution NetIQ Solution NetIQ Solution All of those through Automation
    8. 8. Control and Audit Configuration Primary Goal: Protect systems, applications and data in accordance with their business value and satisfy compliance mandates NetIQ Delivers Real-time event correlation reduces alert volumes while highlighting critical events, improving incident management while reducing costs. TRACE™ technology delivers log management, protects the chain of custody, and provides trend analysis and forensics to meet evolving mandates. Powerful auditing of user activity and access controls helps meet compliance mandates and address both inside and outside threats. Effective detection at both the host and network level provides better protection of corporate data and demonstrable oversight of change controls. What's Needed Event Correlation and Analysis Log Management and Forensics Access Control and User Monitoring Change and Threat Detection Challenges What's Needed 1. Security events and alerts often overwhelm security staff, inhibiting effective security incident management. Event Correlation and Analysis 2. Evolving mandates require more than simple log consolidation, to encompass integrity of data, chain of custody, and forensic reporting. Log Management and Forensics 3. Effective protection of corporate data is dependent on user activity monitoring, which is often inhibited by native capabilities. Access Control and User Monitoring 4. Intrusion detection and log monitoring are insufficient to meet the evolving mandates for data protection and change control. Change and Threat Detection
    9. 9. Monitor and Manage User Activity Primary Goal: Maintain the infrastructure, applications, user accounts, and security per business requirements NetIQ Delivers A prevention-oriented, proxy-based administration solution delivers higher availability than that of system-wide backup and restoration. Non-hierarchical, rules-based delegation simplifies safely granting privileges to users. Automated tasks triggered by events streamline routine administrative tasks, saving time and improving service. Automation and repeatability, along with Active Directory and Unix users optimization, assures business availability and satisfied end users. What's Needed Prevention and Recovery Delegated Administration Administrator Task Automation Migration and Optimization Challenges What's Needed 1. Administrative errors and malicious acts threaten the integrity and reliability of systems and services. Prevention and Recovery 2. Native tools make it impractical to enable non-administrators to make routine or low-risk changes. Delegated Administration 3. Manual, routine tasks often consume valuable skilled resources. Administrator Task Automation 4. Diversity, complexity and emerging technologies increase the time to deploy and operate systems management tools. Migration and Optimization
    10. 10. Manage and Enforce Change Control Primary Goal: Real time enforcement of an organization policy throughout the different layers of the IT infrastructure. Without stopping the services operations CalCom Delivers Automated Process for Real Time Policies Enforcement within the different IT Layers, not stopping the normal operations An extensible library with hundreds of Policy Process Protection Rules covering OSs, Applications, Users Behavior, Network Connections Learning Mode to understand how and element should behave. Unparalleled capabilities in Monitoring, Auditing, Access and Change control Built-in reports, Regulatory Compliance Reports, Policy Center © – Gap Analysis Report and Compliance Dashboard © What's Needed Hardening Solutions that doesn’t harm or stop the Services Operations Harden not only basic Objects but also ensure Applications proper utilization and regulate Policies Changes and Access Easily p rovide Real Time Policies monitoring and implementation Unparalleled reporting capabilities on regulatory compliance Challenges What's Needed 1. Real time enforcement of an organization policies on the IT Infrastructure layers, without harming the Services Operation Hardening Solutions that doesn’t harm or stop the Services Operations 2. Protect and enforce the organization’s Policy Processes through verifying the User behavior Harden not only basic Objects but also ensure Applications proper utilization and regulate Policies Changes and Access 3. Monitor, alert and prevent policies break, rolling back to any change of the hardened element following the Policies Easily p rovide Real Time Policies monitoring and implementation 4. Be able to produce a wide range of regulatory reports, gap analysis, what if analysis and compliance dashboard Unparalleled reporting capabilities on regulatory compliance
    11. 11. All of Those Through Automation Workflow Automation Engine NetIQ Products Message Bus, Resource Model, CMDB 3 rd Party Best-of-Breed products Run Books (Event Correlation, Fault Recovery, Routine Server Restarts, etc. ) Processes (ITIL Incident Management, Change Management, DR testing, etc.) Correlation Engine AM SM/CG SCM DRA SCOM HPOM Remedy Smarts Adapters Bi-directional data collection and control Activity Libraries Workflow building blocks that control other tools Process Templates Provides built-in knowledge Presentation Layer Consoles tailored to specific users Independent Engines Allow data processing scalability Resource Mgmt DB Normalizes data from diverse tools Ops Console Config Console Reports … …
    12. 12. At The End This is What Really Counts
    13. 13. Real World Example On Self Password Reset
    14. 14. <ul><li>NetIQ Aegis </li></ul><ul><li>NetIQ Security Manager </li></ul><ul><ul><li>CalCom Hardening Module </li></ul></ul><ul><ul><li>NetIQ Change Guardian for Databases </li></ul></ul><ul><ul><li>NetIQ Change Guardian for Active Directory </li></ul></ul><ul><ul><li>NetIQ Change Guardian for Group Policy </li></ul></ul><ul><ul><li>NetIQ Change Guardian for Windows </li></ul></ul><ul><li>NetIQ Secure Configuration Manager </li></ul><ul><li>NetIQ Security Solutions for iSeries </li></ul><ul><li>NetIQ Identity Integration Suite </li></ul>The Cast and The Crew
    15. 15. Total Economic Impact ROI and Payback Period for NetIQ IT Security Process Automation <ul><li>Organizations can realize benefits in the form of improved productivity for system administrators, as well as other IT professionals, through the automation of common IT processes. </li></ul><ul><li>Higher ROIs are achievable with each additional process automated through Aegis. In general, an organization would expect greater returns as more workflows are implemented to reduce the amount of time required to perform a given process. </li></ul>F ORRESTER ® Summary financial results Original estimate Risk-adjusted ROI 150% 141% Payback period (yrs) 1.1 1.2 Total Benefits (PV) $1,232,563 $1,192,083 Total costs (PV) ($493,847) ($495,549) Total (NPV) $738,716 $696,534
    16. 16. Next Steps with NetIQ & CalCom © 2010 NetIQ Corporation. All rights reserved. Your Need Action Items Learn More about IT Process Automation <ul><li>Visit and </li></ul><ul><li>Schedule an online demo </li></ul><ul><li>Attend a NetIQ webinar </li></ul>Validate Our Approach <ul><li>Read Forrester SWOT and Total Economic Impact™ Study </li></ul><ul><li>Read Gartner SIEM Magic Quadrant™ report </li></ul><ul><li>Read Gartner IT Governance, Risk & Compliance MarketScope™ </li></ul>Build a Business Case for NetIQ <ul><li>Read Forrester Total Economic Impact™ Study </li></ul><ul><li>Complete ROI calculation with NetIQ and CalCom </li></ul><ul><li>Complete an internal business case </li></ul>Assess NetIQ for a Technical Fit <ul><li>Schedule a technical discussion with our engineers </li></ul><ul><li>Implement a Proof Of Concept (POC) onsite </li></ul><ul><li>Engage our consultancy services to perform an onsite assessment </li></ul>Prepare for IT Process Automation <ul><li>Optimize your existing deployment </li></ul><ul><li>Work with NetIQ/CalCom consultancy to plan a roll-out </li></ul><ul><li>Leverage introductory pricing to implement a production pilot </li></ul>
    17. 17. <ul><li>Marco Bianchi </li></ul><ul><li>Sales Director Italy, Greece, Israel and Cyprus </li></ul><ul><li>World Wide New Offerings Director </li></ul><ul><li>+39 348 2214412 </li></ul><ul><li> - </li></ul><ul><li> - </li></ul>