Stay out of headlines for non compliance or data breach
Tight alignment between compliance and security capabilities can make each component stronger than it would be by itself. Organizations that blend the two not only more effectively combat targeted attacks and data breaches, but also more easily meet compliance requirements and avoid expensive fines. Learn how leading organizations are leveraging continuous monitoring and incident response management to achieve a more secure and compliant enterprise.

  • Our point of view, simply stated, is that to realize our ideas, we all need the best information and applications delivered quickly and securely, whether traditionally, mobile, or in the cloud. We need the best information and applications. Our employees and colleagues need the best information and applications. Our customers and partners need the best information and applications.
  • At HP, we believe that we live in a time of limitless possibilities, a time in human history where our creativity, passion, energy, and vision all have the potential to be made real. To have a meaningful impact on your world. Cloud services, the free flow of capital, and borderless access to talent and markets mean that even the smallest business can act with the scale of an enterprise, while enterprises are now free to act with the speed of a startup. The challenge is, how do you capitalize on opportunities quickly while navigating risk? (Suggest picking 2 or 3 of the bullets and making them personal with a customer example. Below are a few possibilities.)
    Whether it’s to create new business and IT delivery models: consider European pharmaceutical company Novo Nordisk, who created an entirely new business model, a “pharma cloud” of IT services based on HP’s cloud solution, that they could sell to other pharma companies.
    Whether it’s to speed innovation cycles: Delta Air Lines is a great example here. Using our application quality software, they’ve been able to shave 50% of the time out of testing cycles so they can deliver new capabilities to Delta.com and their mobile properties to improve customer experience.
    Or whether it’s mining vast, rich data sets: take online social game provider Zynga, who is able with HP Vertica to analyze tens of billions of rows of data every day to improve the financial performance of their games.
  • Yes, you are under attack now, your organization is under attack, your personal computer and mobile devices are under attack now. Your data is no longer secure. Your privacy may be breached. Security is a board level discussion now. The Chief Information Security Officer sits at the heart of the response to the growing threat. They have increased budgets now to address the growing threat and to keep the IT organizations safe. 56% of organizations have been the target of a nation-state cyber attack, so there is a 50% chance that your organization may be attacked. (CLICK) Also, in a Gartner survey of enterprise CIOs, the 5 biggest challenges that enterprises faced in security and risk were:
    • Managing risk
    • Reduce CAPEX
    • Fill security gaps
    • Optimize security gaps
    • Adapt to changing regulations
  • Assess the effectiveness of internal controls
    • Proactively manage compliance
    • Reduce operational cost of compliance
    • Identify gaps that present a risk to the integrity and availability of regulated information
    • Demonstrate compliance to auditors
    • Change management of regulations
  • Over 7500 security vulnerability filters

Stay out of headlines for non compliance or data breach Presentation Transcript

  • 1. Stay out of headlines for non-compliance or security breach. Gant Redmon, General Counsel, Co3 Systems; Sridhar Karnam, Product Management, HP Enterprise Security. © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
  • 2. “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” Sun Tzu, The Art of War
  • 3. Security and Compliance becoming the same thing: PCI, HIPAA, GLB. “75% of CISOs who experience publicly disclosed security breaches and lack documented, tested response plans will be fired.” Gartner, July 2012. Expediency v. accuracy. “It’s about the response … with all hands on deck in a coordinated manner.” Gant, January 2014
  • 4. Breach Response. Track 1: focus on cause analysis, remediation and customer communication. Track 2: legal compliance, communication with authorities, corporate filings. Companies often do Track 1 and then Track 2, but these tracks don’t have to be separate. Incident response plans need to cover more than closing the vulnerability.
  • 5. How much does privacy cost?
  • 6. How much do hackers pay? [figure: price points only; the item labels were not preserved in the transcript]
  • 7. Security is bigger than just an IT problem; security is a board level discussion.
    Cyber threat: 56% of organizations have been the target of a cyber attack.
    Data breach: 94% of the data breaches were reported by third-parties.
    CISO: Financial loss ($8.6M average cost associated with a data breach; 30% market cap reduction due to recent events). Cost of protection (11% of total IT budget spent on security; reactive vs. proactive). Reputation damage (97% of data breaches could have been avoided).
  • 8. Compliance landscape. Annual cost of SOX compliance: $1.8M, or the equivalent cost of roughly 14.4 employees! Any similarities in compliance activities? Consistent themes across regulations: user management; access control/authorization; change management; security operations. Differences are mainly in interpretation. Leverage similarities to increase efficiencies and reduce costs. Regulations and frameworks shown: NIST, SAS 70, ISO 27001, NIACAP, FISMA, FTC, SEC, SOX, OCC, CobiT, FERC/NERC, ISO 17799, PIPEDA, COSO, NY Privacy, J-SOX, US Patriot Act, DITSCAP, GLBA, FFIEC, DATA, HIPAA, ITIL, Basel II, PCI, CA-1386, FDPA.
  • 9. Compliance Problem. Too complex: policies and controls change often. Silo’d products: don’t learn or share information. Big data: too much data to process and understand the pattern. Expensive: each regulation needs resources and budget.
  • 10. 70% similarities between compliance & security. Overlapping areas: User Management, Access / Authorization, Incident Management, IT Security Operations, Security Operations Management, Operations. Regulations mapped: SOX, HIPAA, NIST, FISMA, PCI, CobiT.
  • 11. Why use multiple tools then? Security, Compliance and Operations share common challenges.
  • 12. Best Practices
  • 13. Vision: Consolidated view. Single view of IT security, IT operations, and IT GRC.
    Heat map: prioritization; heat map of risk to business services.
    Asset mapping: quick isolation of incidents and threats; vulnerability score and intelligence.
    Risk indicators: aggregation of multiple risk sources; risk reporting and trending.
    Continuous compliance: continuous monitoring; compliance analytics.
  • 14. Strategy: Centralized approach. Seamless integration of security and compliance tools, no point-solutions. See Everything, Understand Context, Act.
    SECURITY: User Provisioning; Identity & Access Mgmt; Database Encryption; Anti-Virus, Endpoint; Firewall, Email Security.
    COMPLIANCE: User Management; Auditing and audit logs; Dashboard and Reporting; Controls monitoring; Disclosure. Proactive risk management.
  • 15. Best Practice 1: Continuous monitoring. Security information and event management (SIEM) approach to continuously and comprehensively monitor and correlate data across the organization. Pipeline: Machine Data, Log Collection, Search, Analysis, Monitoring & alerting, Dashboard, IT GRC.
    • Collection: complete visibility
    • Search quickly to simplify IT
    • Analyze events in real time to deliver insight
    • Reporting on log data
    • IT operations through monitoring & alerting
    • IT GRC & Security in a single tool
  • 16. Best Practice 2: Assess controls. Correlation of all the data 24/7: real-time, cross-device correlation of logs and events across IT (software, hardware, people, process).
    • Correlation = establishing relationships
    • Connect roles, responsibilities, identities, history, and trends to detect business risk violations
    • Pattern recognition
    • Anomaly detection
    • The more you collect, the smarter it gets
  • 17. Best Practice 3: Unify data across IT. Convert all machine data into a common format for search, report, and retention.
    Raw machine data:
    Jun 17 2009 12:16:03: %PIX-6-106015: Deny TCP (no connection) from 10.50.215.102/15605 to 204.110.227.16/443 flags FIN ACK on interface outside
    Jun 17 2009 14:53:16 drop gw.foobar.com >eth0 product VPN-1 & Firewall-1 src xxx.xxx.146.12 s_port 2523 dst xxx.xxx.10.2 service ms-sql-m proto udp rule 49
    Unified data (Time | Event name | Device Vendor | Device Product | Category Behavior | Category DeviceGroup | Category Outcome | Category Significance):
    6/17/2009 12:16:03 | Deny | Cisco | PIX | /Access | /Firewall | /Failure | /Informational/Warning
    6/17/2009 14:53:16 | Drop | Checkpoint | Firewall-1/VPN-1 | /Access/Start | /Firewall | /Failure | /Informational/Warning
    Benefit: single data for searching, indexing, reporting, and archiving.
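The normalization shown on slide 17, and the cross-device counting that slide 16's correlation depends on, as an added example that is not part of the deck or of any HP product: it maps the two raw firewall lines quoted on the slide to the slide's unified fields. The regular expressions, the field names and the assignment of /Access to the PIX line and /Access/Start to the Checkpoint line are this example's own reading of the slide, not a documented vendor schema.

```python
import re
from datetime import datetime

# Constructed sample input: the two raw lines quoted on slide 17
# (the xxx octets are redacted on the slide and are kept as-is).
RAW_LINES = [
    "Jun 17 2009 12:16:03: %PIX-6-106015: Deny TCP (no connection) from "
    "10.50.215.102/15605 to 204.110.227.16/443 flags FIN ACK on interface outside",
    "Jun 17 2009 14:53:16 drop gw.foobar.com >eth0 product VPN-1 & Firewall-1 "
    "src xxx.xxx.146.12 s_port 2523 dst xxx.xxx.10.2 service ms-sql-m proto udp rule 49",
]

# Vendor-specific patterns (assumed here); each captures the timestamp and the action word.
PIX_RE = re.compile(r"^(?P<ts>\w{3} \d{1,2} \d{4} \d\d:\d\d:\d\d): %PIX-\d-\d+: (?P<action>\w+) ")
CKP_RE = re.compile(r"^(?P<ts>\w{3} \d{1,2} \d{4} \d\d:\d\d:\d\d) (?P<action>\w+) \S+ .*product VPN-1 & Firewall-1 ")

def _ts(text):
    # Render the syslog timestamp in the slide's "6/17/2009 12:16:03" style.
    d = datetime.strptime(text, "%b %d %Y %H:%M:%S")
    return f"{d.month}/{d.day}/{d.year} {d:%H:%M:%S}"

def normalize(line):
    """Map one raw line to the slide's unified fields; raise ValueError on an unknown format."""
    if m := PIX_RE.match(line):
        vendor, product, behavior = "Cisco", "PIX", "/Access"
    elif m := CKP_RE.match(line):
        vendor, product, behavior = "Checkpoint", "Firewall-1/VPN-1", "/Access/Start"
    else:
        # Unparsed lines are surfaced, not silently dropped, so collection gaps stay visible.
        raise ValueError(f"unrecognised log format: {line[:40]!r}")
    return {
        "time": _ts(m["ts"]),
        "event_name": m["action"].capitalize(),
        "device_vendor": vendor,
        "device_product": product,
        "category_behavior": behavior,
        "category_device_group": "/Firewall",
        "category_outcome": "/Failure",
        "category_significance": "/Informational/Warning",
    }

def failures_by_vendor(lines):
    """Count /Failure firewall events per vendor: a query only possible once fields are unified."""
    counts = {}
    for line in lines:
        ev = normalize(line)
        if ev["category_outcome"] == "/Failure":
            counts[ev["device_vendor"]] = counts.get(ev["device_vendor"], 0) + 1
    return counts
```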
  • 18. Best Practice 4: Next-Generation Network. Monitor network activities for malicious activity through IPS and log. Digital Vaccine Labs: delivers zero-day coverage. Next-Generation IPS: 99.99999% network uptime track record. Next-Generation Firewall: granular application visibility and control. Security Management System: centralized management console across NGIPS and NGFW, with integrated policy.
  • 19. Best Practice 5: Think security from the beginning. Develop immunity for threats right through development of applications: automated code testing; manual review; testing of code during development; app runtime testing; security testing of 3rd party code; security experts.
  • 20. Best Practice 6: Incident Response. Readiness to validate and respond to the incidents: Prepare, Assess & report, Manage.
  • 21. Incident Response Framework
    PREPARE: Improve organizational readiness. • Assign response team • Describe environment • Simulate events and incidents • Focus on organizational gaps
    ASSESS: Quantify potential impact, support Privacy Impact Assessments. • Track events • Scope regulatory requirements • See $ exposure • Send notice to team • Generate PIAs
    MANAGE: Easily generate detailed incident response plans. • Escalate to complete IR plan • Oversee the complete plan • Assign tasks: who/what/when • Notify regulators and clients • Monitor progress to completion
    REPORT: Document results and track performance. • Document incident results • Track historical performance • Demonstrate organizational preparedness • Generate audit/compliance reports
  • 22. Best practices from Co3 Systems’ technologies (slides 22 to 27 are product screenshots carrying this same caption)
  • 28. “Co3 Systems makes the process of planning for a nightmare scenario as painless as possible, making it an Editors’ Choice.” PC Magazine, Editors’ Choice. “One of the hottest products at RSA…” Network World. “an invaluable weapon when responding to security incidents.” Government Computer News. “Adding the Security Module... to this otherwise fine suite of services, Co3 has done better than a home-run...it has knocked one out of the park.” SC Magazine. Contact: Gant Redmon, General Counsel, Co3 Systems, One Alewife Center, Suite 450, Cambridge, MA 02140; email gredmon@co3sys.com; phone 617.300.8136; WWW.CO3SYS.COM
  • 29. Results
    Reduction in incident management (up to 90%): reduces 3,000 incidents per day to fewer than 200 per day.
    Automated compliance, huge cost savings ($1,000,000): average cost savings of $1,000,000 per quarter from SOX compliance packs.
    Resource optimization (400%): automation helps to process 4x more events 24x7, resulting in better utilization of resources.
    Reduction in compliance audits (90%): automating this compliance work is a one-time task and saves 90% of the time every quarter from each audit.
    Simple audits: NIST, ISO, PCI, SOX combined with security; better visibility, high productivity, fewer compliance violations, simple audits, consistent controls and processes.
  • 30. Thank you. Closing slide topics: Applications (managed, in-house/legacy, custom apps, cloud, SaaS); Systems (virtual, storage); Monitoring (Applications Security, SIEM, log management, Cloud security, Insider threats, Mobile Monitoring, Continuous compliance, Big Data, IT operations, Security Analytics); 350+ CEF partners.