Continuity and Resilience (CORE)
ISO 22301 BCM Consulting Firm
Presentations by our partners and
extended team of industry experts
Our Contact Details:
INDIA
Continuity and Resilience
Level 15, Eros Corporate Tower
Nehru Place, New Delhi-110019
Tel: +91 11 41055534 / +91 11 41613033
Fax: +91 11 41055535
Email: neha@continuityandresilience.com
UAE
Continuity and Resilience
P. O. Box 127557
Abu Dhabi, United Arab Emirates
Mobile: +971 50 8460530
Tel: +971 2 8152831
Fax: +971 2 8152888
Email: info@continuityandresilience.com
Getting your Strategy Right – in a SMAC world!
K. K. Mookhey, PCI QSA, CISA, CISSP, CISM, CRISC
Founder & Director
Network Intelligence (I) Pvt. Ltd.
Institute of Information Security
Agenda
Analytics
Mobility
Social Media
Cloud
Question 1
Should I buy APT Protection?
Or WAF / DLP / IRM / Whatever?
Answer
No!
Because, weak foundations!
Which in this case would be…
Proper asset inventory
Restriction of local admin rights
Standardization of the user’s browser
Patch management program to cover more than just Windows – Java, Adobe?
Software asset management
Most importantly – strong monitoring and incident response processes
Can you get the most out of your investment in X?
The Real Question:
Why do I need to invest in X?
Get the right analytics!
Case Study
• Large Telco
• On-going application security assessments
• On-going source code reviews
• Periodic penetration tests
• Development done by vendors
• WAF decision pending for a year…
• Should they buy a WAF? Should they invest more in application security? Should they implement a GRC solution?
Vulnerability Statistics
[Chart: number of vulnerabilities by severity – High, Medium, Low]
The number of High/Medium vulnerabilities is stable – no significant trends emerge! Why?
Insights from data analytics
• Vendor delays in fixing the issues
• Multiple reassessments lead to issues remaining open and overlapping in subsequent assessments
• High level of exposure on the Internet
• Multiple approaches adopted and strong focus on appsec in recent times
Hence…
Strategy is two pronged
1. WAF and other virtual patching technologies should be implemented
2. Vendor management practices and contractual negotiation should have CISO involvement
Why you need your data
• Surveys/Reports cover organizations across industries
• Do not take into account nature of the organization’s current web app situation – vendor, in-house, legacy, COTS, etc.
• Do not take into account current level of maturity
• Try to draw general conclusions from average/sum of all data
Else…sub-optimal solutions!
Question 2
Should I open up access to FB / Twitter from within the Company network?
Answer
Yes!
Sub-questions
What is our objective in opening up this access?
What about productivity?
What about data loss?
What about misuse of the facilities?
What about harm to company reputation?
What about misuse of logo and brand name?
But change begins at home…
Out of top 100 CISOs how many on Twitter?
4 out of sample of 15
Of these, how many actively tweet?
2 out of the 4
Twitter engagement levels
Why Twitter?
References
• Social Media Strategy, Policy and Governance
http://www.ey.com/Publication/vwLUAssets/Social_media_strategy_policy_and_governance/$File/Social_media_strategy_policy_governance.pdf
• Enterprise Social Governance
http://www.clearvale.com/mkt-nav/en/whitepapers/Enterprise_Social_Governance_2010_02_25.pdf
• Social Media Policy Template
http://www.biba.org.uk/PDFfiles/SocialMediaPolicy.pdf
• Another template (4 pages)
http://www.ericschwartzman.com/pr/schwartzman/social-media-policy-template.aspx
Question 3
Should we adopt the cloud?
Answer
C’mon – that’s not even a question anymore!
Questions your strategy should address
• What applications/data can reside on a public cloud?
• What is the regulatory stance on this?
• When going for public cloud, will we choose IaaS or SaaS or PaaS?
• What systems will we allow to host on a private cloud?
• What will be our criteria for choosing a CSP?
• What minimum contractual elements will we enforce when moving to the cloud?
• What will be my risk mitigation framework overall?
• Then document this
• Communicate it to the business! And take their feedback!
Question 4:
How should we address mobility in the enterprise?
Pointers…
BYOD is a given – it will happen sooner rather than later if not happening already
Better embrace it!
Your strategy / policy should be in place
Applications should be M-ready!
Brilliant way to engage the end-user – not being tapped currently!
Conclusion / Take-aways
Take-Aways
Start building a smart metrics program
Take a cue from the SANS Top 20
If not a full-fledged GRC, at least implement a proper vulnerability management program
Use data analytics to build business case and determine future investments
If not a policy, have a social media approach paper ready
Same goes for cloud and mobility adoption
Thank you!
Questions?
Connect:
info@continuityandresilience.com
www.continuityandresilience.com

Call Girls In {Green Park Delhi} 9667938988 Indian Russian High Profile Girls...aakahthapa70
 
Genuine Call Girls In {Mahipalpur Delhi} 9667938988 Indian Russian High Profi...
Genuine Call Girls In {Mahipalpur Delhi} 9667938988 Indian Russian High Profi...Genuine Call Girls In {Mahipalpur Delhi} 9667938988 Indian Russian High Profi...
Genuine Call Girls In {Mahipalpur Delhi} 9667938988 Indian Russian High Profi...aakahthapa70
 

Recently uploaded (20)

Call Girls In Islamabad || 03274885999 || 24/7 Service Islamabad Call Girls &...
Call Girls In Islamabad || 03274885999 || 24/7 Service Islamabad Call Girls &...Call Girls In Islamabad || 03274885999 || 24/7 Service Islamabad Call Girls &...
Call Girls In Islamabad || 03274885999 || 24/7 Service Islamabad Call Girls &...
 
Call Girls In Saket Delhi 9953056974 (Low Price) Escort Service Saket Delhi
Call Girls In Saket Delhi 9953056974 (Low Price) Escort Service Saket DelhiCall Girls In Saket Delhi 9953056974 (Low Price) Escort Service Saket Delhi
Call Girls In Saket Delhi 9953056974 (Low Price) Escort Service Saket Delhi
 
(9818099198) Call Girls In Noida Sector 88 (NOIDA ESCORTS)
(9818099198) Call Girls In Noida Sector 88 (NOIDA ESCORTS)(9818099198) Call Girls In Noida Sector 88 (NOIDA ESCORTS)
(9818099198) Call Girls In Noida Sector 88 (NOIDA ESCORTS)
 
Call Girls in Lahore || 03090999379 || Get 30% Off on Hot Call Girls Service
Call Girls in Lahore || 03090999379 || Get 30% Off on Hot Call Girls ServiceCall Girls in Lahore || 03090999379 || Get 30% Off on Hot Call Girls Service
Call Girls in Lahore || 03090999379 || Get 30% Off on Hot Call Girls Service
 
Call Girls In Majnu-ka-Tilla 9711800081 Low Cheap Price ...
Call Girls In Majnu-ka-Tilla 9711800081 Low Cheap Price ...Call Girls In Majnu-ka-Tilla 9711800081 Low Cheap Price ...
Call Girls In Majnu-ka-Tilla 9711800081 Low Cheap Price ...
 
9953056974 Low Rate Call Girls Delhi NCR
9953056974 Low Rate Call Girls Delhi NCR9953056974 Low Rate Call Girls Delhi NCR
9953056974 Low Rate Call Girls Delhi NCR
 
Call Girls in Majnu ka Tilla Delhi 💯 Call Us 🔝9711014705🔝
Call Girls in Majnu ka Tilla Delhi 💯 Call Us 🔝9711014705🔝Call Girls in Majnu ka Tilla Delhi 💯 Call Us 🔝9711014705🔝
Call Girls in Majnu ka Tilla Delhi 💯 Call Us 🔝9711014705🔝
 
Call Girls In Sector 26, (Gurgaon) Call Us. 9711911712
Call Girls In Sector 26, (Gurgaon) Call Us. 9711911712Call Girls In Sector 26, (Gurgaon) Call Us. 9711911712
Call Girls In Sector 26, (Gurgaon) Call Us. 9711911712
 
Call Girls in Calangute Beach 8588052666 Goa Escorts ...
Call Girls in Calangute Beach 8588052666 Goa Escorts ...Call Girls in Calangute Beach 8588052666 Goa Escorts ...
Call Girls in Calangute Beach 8588052666 Goa Escorts ...
 
(8264348440) 🔝 Call Girls In Noida Sector 62 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Noida Sector 62 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Noida Sector 62 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Noida Sector 62 🔝 Delhi NCR
 
NASHIK CALL GIRL 92628*71154 NASHIK CALL
NASHIK CALL GIRL 92628*71154 NASHIK CALLNASHIK CALL GIRL 92628*71154 NASHIK CALL
NASHIK CALL GIRL 92628*71154 NASHIK CALL
 
▶ ●─Cash On Delivery Call Girls In ( Sector 63 Noida )꧁❤⎝8375860717⎠❤꧂
▶ ●─Cash On Delivery Call Girls In ( Sector 63 Noida )꧁❤⎝8375860717⎠❤꧂▶ ●─Cash On Delivery Call Girls In ( Sector 63 Noida )꧁❤⎝8375860717⎠❤꧂
▶ ●─Cash On Delivery Call Girls In ( Sector 63 Noida )꧁❤⎝8375860717⎠❤꧂
 
Call Girls In {Laxmi Nagar Delhi} 9667938988 Indian Russian High Profile Girl...
Call Girls In {Laxmi Nagar Delhi} 9667938988 Indian Russian High Profile Girl...Call Girls In {Laxmi Nagar Delhi} 9667938988 Indian Russian High Profile Girl...
Call Girls In {Laxmi Nagar Delhi} 9667938988 Indian Russian High Profile Girl...
 
9899855202 Call Girls In Goa This Ads Is Only For Those Clients Who Are Looki...
9899855202 Call Girls In Goa This Ads Is Only For Those Clients Who Are Looki...9899855202 Call Girls In Goa This Ads Is Only For Those Clients Who Are Looki...
9899855202 Call Girls In Goa This Ads Is Only For Those Clients Who Are Looki...
 
Call Girls In Islamabad | 03278838827 || 24/7 Service Islamabad Call Girls & ...
Call Girls In Islamabad | 03278838827 || 24/7 Service Islamabad Call Girls & ...Call Girls In Islamabad | 03278838827 || 24/7 Service Islamabad Call Girls & ...
Call Girls In Islamabad | 03278838827 || 24/7 Service Islamabad Call Girls & ...
 
NAGPUR CALL GIRL 92628*71154 NAGPUR CALL
NAGPUR CALL GIRL 92628*71154 NAGPUR CALLNAGPUR CALL GIRL 92628*71154 NAGPUR CALL
NAGPUR CALL GIRL 92628*71154 NAGPUR CALL
 
Call Girls In Sector 85 Noida 9711911712 Escorts ServiCe Noida
Call Girls In Sector 85 Noida 9711911712 Escorts ServiCe NoidaCall Girls In Sector 85 Noida 9711911712 Escorts ServiCe Noida
Call Girls In Sector 85 Noida 9711911712 Escorts ServiCe Noida
 
Call Girls In {Laxmi Nagar Delhi} 9667938988 Indian Russian High Profile Girl...
Call Girls In {Laxmi Nagar Delhi} 9667938988 Indian Russian High Profile Girl...Call Girls In {Laxmi Nagar Delhi} 9667938988 Indian Russian High Profile Girl...
Call Girls In {Laxmi Nagar Delhi} 9667938988 Indian Russian High Profile Girl...
 
Call Girls In {Green Park Delhi} 9667938988 Indian Russian High Profile Girls...
Call Girls In {Green Park Delhi} 9667938988 Indian Russian High Profile Girls...Call Girls In {Green Park Delhi} 9667938988 Indian Russian High Profile Girls...
Call Girls In {Green Park Delhi} 9667938988 Indian Russian High Profile Girls...
 
Genuine Call Girls In {Mahipalpur Delhi} 9667938988 Indian Russian High Profi...
Genuine Call Girls In {Mahipalpur Delhi} 9667938988 Indian Russian High Profi...Genuine Call Girls In {Mahipalpur Delhi} 9667938988 Indian Russian High Profi...
Genuine Call Girls In {Mahipalpur Delhi} 9667938988 Indian Russian High Profi...
 

Getting your Strategy Right – in a SMAC World!

  • 1. Continuity and Resilience (CORE) ISO 22301 BCM Consulting Firm. Presentations by our partners and extended team of industry experts. Our Contact Details: INDIA: Continuity and Resilience, Level 15, Eros Corporate Tower, Nehru Place, New Delhi-110019; Tel: +91 11 41055534 / +91 11 41613033; Fax: ++91 11 41055535; Email: neha@continuityandresilience.com. UAE: Continuity and Resilience, P. O. Box 127557, Abu Dhabi, United Arab Emirates; Mobile: +971 50 8460530; Tel: +971 2 8152831; Fax: +971 2 8152888; Email: info@continuityandresilience.com
  • 2. Getting your Strategy Right – in a SMAC world! K. K. Mookhey, PCI QSA, CISA, CISSP, CISM, CRISC Founder & Director Network Intelligence (I) Pvt. Ltd. Institute of Information Security
  • 4. Question 1 Should I buy APT Protection? Or WAF / DLP / IRM / Whatever?
  • 7. Which in this case would be… • Proper asset inventory • Restriction of local admin rights • Standardization of the user’s browser • Patch management program to cover more than just Windows – Java, Adobe? • Software asset management • Most importantly – strong monitoring and incident response processes
  • 9. Can you get the most out of your investment in X?
  • 10. The Real Question: Why do I need to invest in X?
  • 11. Get the right analytics!
  • 12. Case Study • Large Telco • On-going application security assessments • On-going source code reviews • Periodic penetration tests • Development done by vendors • WAF decision pending for a year… • Should they buy a WAF? Should they invest more in application security? Should they implement a GRC solution?
  • 13. Vulnerability Statistics [Chart: number of vulnerabilities by severity – High, Medium, Low] The # of High/Medium vulnerabilities is stable – no significant trends emerge! Why?
  • 14. Insights from data analytics • Vendor delays in fixing the issues • Multiple reassessments lead to the issues remaining open and overlapping in subsequent assessments • High level of exposure on the Internet • Multiple approaches adopted and strong focus on appsec in recent times
  • 15. Hence… Strategy is two pronged 1. WAF and other virtual patching technologies should be implemented 2. Vendor management practices and contractual negotiation should have CISO involvement
  • 16. Why you need your data • Surveys/Reports cover organizations across industries • Do not take into account nature of the organization’s current web app situation – vendor, in-house, legacy, COTSE, etc. • Do not take into account current level of maturity • Try to draw general conclusions from average/sum of all data
  • 18. Question 2 Should I open up access to FB / Twitter from within the Company network?
  • 20. Sub-questions What is our objective in opening up this access? What about productivity? What about data loss? What about misuse of the facilities? What about harm to company reputation? What about misuse of logo and brand name?
  • 21. But change begins at home… Out of top 100 CISOs how many on Twitter? 4 out of sample of 15 Of these, how many actively tweet? 2 out of the 4
  • 24. References • Social Media Strategy, Policy and Governance http://www.ey.com/Publication/vwLUAssets/Social_media_strategy_policy_and_governance/$File/Social_media_strategy_policy_governance.pdf • Enterprise Social Governance http://www.clearvale.com/mkt-nav/en/whitepapers/Enterprise_Social_Governance_2010_02_25.pdf • Social Media Policy Template http://www.biba.org.uk/PDFfiles/SocialMediaPolicy.pdf • Another template (4 pages) http://www.ericschwartzman.com/pr/schwartzman/social-media-policy-template.aspx
  • 25. Question 3 Should we adopt the cloud?
  • 26. Answer C’mon – that’s not even a question anymore!
  • 27. Questions your strategy should address • What applications/data can reside on a public cloud? • What is the regulatory stance on this? • When going for public cloud, will we choose IaaS or SaaS or PaaS? • What systems will we allow to host on a private cloud? • What will be our criteria for choosing a CSP? • What minimum contractual elements will we enforce when moving to the cloud? • What will be my risk mitigation framework overall? • Then document this • Communicate it to the business! And take their feedback!
  • 28. Question 4: How should we address mobility in the enterprise?
  • 30. Pointers… • BYOD is a given – it will happen sooner rather than later if not happening already • Better embrace it! • Your strategy / policy should be in place • Applications should be M-ready! • Brilliant way to engage the end-user – not being tapped currently!
  • 32. Take-Aways Start building a smart metrics program Take a cue from the SANS Top 20 If not a full-fledged GRC, at least implement a proper vulnerability management program Use data analytics to build business case and determine future investments If not a policy, have a social media approach paper ready Same goes for cloud and mobility adoption