Copyright © Aujas Information Risk Services
Making Security Analytics Work:
From Data to Information to Insights
Sameer Shelke
Co-founder & CTO
Nov 2015

What’s Security Analytics?
Collect: Collect data from various sources & controls, map it to information assets and create a normalized model
Analyze: Compare the data collected to a set of rules of normal behavior and analyze the results
Report: Provide visualization (reports, dashboards etc.) of the analyzed results

Why Security Analytics? - Need for better ROSI
Despite the increase in security incidents & financial losses, security budgets are constrained in most organizations. Getting better ROSI (return on security investment) continues to be very important. Hence having a “state of security view” to understand current risk levels and their impact on business, and using information (analytics) to make security decisions, is important.
The global state of information security survey 2015 – PWC. Survey covers 9700 CIOs, CISOs, across 154 countries

Why Security Analytics? - Visibility is key
Oct. 2014 survey of 350 participants, 20% of them from large orgs (>50K employees)

Why Security Analytics? - IOT – more risks, more data
[Chart: connected “things” in use: 3.0B, 3.7B, 4.9B, 25B]
Gartner says 4.9 billion connected “things” will be in use in 2015. In 2020, 25 billion connected “things” will be in use. Data related to the security of these “things” would implode; security analytics would be the only way to make sense of it.

What are the solution options?
[Diagram: routes to Security Analytics]
SIEM platforms: by adding analytics capability
Analytics platforms: by adding security context
Niche product companies: specialized products

Data, Information, Insights
Collect → Analyze → Report
Data → Information → Insights

Making Security Analytics work
Collect → Analyze → Report
Data → Information → Insights
1. Use available data & investments
2. Don’t ignore unstructured data
3. Define your own normal
5. Don’t waste the opportunity
6. Change is the only constant

Making Security Analytics work
1. Use available data & investments
Aggregators (e.g. SIEM) tools are good data sources
Current investments (security & non-security) generate relevant data
2. Don’t ignore unstructured data
We have relevant data in unstructured sources like XLS, PDFs, point DBs

Making Security Analytics work
Analyze
3. Define your own normal
[Figure: DLP incidents around resignation and pre-exit, with series labelled U1-U4 and D1-D3; compare against your “normal”, then visualize results]

Making Security Analytics work
Report
5. Don’t waste the opportunity
[Figure: report panels titled End of life timeline, Vulnerabilities and Compliance status; labels T1-T8 and Client A-D]

Making Security Analytics work
Collect → Analyze → Report
Data → Information → Insights
1. Use available data & investments
2. Don’t ignore unstructured data
3. Define your own normal
5. Don’t waste the opportunity
6. Change is the only constant
Thank You
www.savpbyaujas.com
sameer.shelke@aujas.com
sameersblog.aujas.com
Bangalore | Cupertino | Delhi | Dubai | Jersey City | Mumbai
