SlideShare a Scribd company logo

Monitoring security in the externalised organisation (Auscert 2013)

Download as PPTX, PDF
Huntsman Security
Huntsman Security

With an increasing prevalence of cloud services, end user computing and third party delivery - many organisations are having to monitor security controls at arms length where they don't have direct contact or access

TechnologyBusiness
1 of 14
Copyright © Tier-3 Pty Ltd, 2012. All rights reserved. Monitoring security in the “Externalised organisation” (Or in the “office of the future”) Piers Wilson Tier-3 Huntsman® - Head of Product Management
Introductions 210/2/2013 Piers Wilson Head of Product Management at Tier-3 Director of IISP Previously Senior Manager in PricewaterhouseCoopers Cyber Security practice Tier-3 Huntsman® Advanced Security Incident & Event Management (SIEM) solution • High performance event correlation • Behaviour Anomaly Detection (BAD 2.0) • “Big data” analytics • Governance, Risk, Compliance • Cloud/multi-tenancy support • Active response
Agenda and scope • What this talk is about… – The implications of technology trends – Anticipating the emergent IT and security environment – Monitoring security when: • It is more important • It is more difficult – Approaches to dealing with this in a constructive way 10/2/2013 3 79% of the UK population use the internet anywhere, on any device Ofcom, 2012 Looking ahead to 2013, we are going to see more and more organisations seeking alternatives to on-premise deployments. Paul Moxon, Axway (via IDG Connect) Most significantly, we’re seeing an overriding belief that cloud is disrupting software in fundamental and lasting ways. Michael Skok, 2012 Future of Cloud Computing A standard setup of computing on a business' premises — a server in a closet or basement, and software loaded on individual machines — is a model that's likely to drift into obsolescence The Daily Progress, 2013 Enterprise mobility is booming; organizations must connect with employees, customers, and partners in new ways and across new devices and applications. Forrester
Background • Mobile apps, consumerisation and "bring your own device" are here • Users / Customers increasingly expect to access systems via mobile / personal devices • Cloud computing is well along the hype curve – its use and pervasiveness is growing • Social media is already a more “normal” way of working than email for many people 10/2/2013 4
The old “Office of the Future” 10/2/2013 5
The “Office of the Future” This is starting to be known as the “externalised organisation” A greater focus and proportion of IT delivery / use happens outside 10/2/2013 6 IT your users control IT your cloud provider controls IT you control
Conclusions... Security teams face a real challenge • Data isn’t where it used to be • The network is going beyond just losing its perimeter to being completely external • You have a lot less control over the front and back end platforms (i.e. none) • People are working and communicating differently (e.g. social media) Some new approaches are necessary... 10/2/2013 7
More diversity and complexity in monitoring and control 10/2/2013 8 Security Operations • Greater visibility • Compliance burden • Improved response Cyber-securityUsers Mobile Environment Cloud ApplicationsPaaS • Cyber security controls • Threat feeds • Social media • End-user devices • Social Media • MDM • Mobile Apps • App backends • Salesforce • Etc... • Virtualised Platforms • Hypervisor layer Platforms PhysicalSecurity ControlsNetworkApplications • Windows • Unix • Mainframe • Locks • CCTV • RFID • Firewalls • AV • IDS/IPS • ID&AM • LAN/WAN • VPN • Remote Access • Web • Client/Server • Databases
Future-proof, advanced SIEM solutions 10/2/2013 9 Cyber-security Users Mobile Environment Cloud Applications PaaS • Ability to consider the platform and the hypervisor layer • Multi-tenancy increasingly going to be demanded by platform suppliers • Ability to monitor service levels and risk currently rare • Everything is externalised, what log access is possible? • Are there ways to track access, misuse, anomalous go away • MDM platforms and staff mobility management • Custom apps – does log data come from the user device or the back-end • What will mobile payments mean – esp. for carriers, banks, retailers • Activity on internal and external systems • Social media monitoring – legality, effectiveness and feasibility • What about the wider communications environment • Increasingly rich market for “cyber security solutions” which add to the controls portfolio None of this is easy Agility within the organisation and in its security partners will be key Check suppliers have got these trends on their radar Operations will require “intelligent” SIEM solutions to meet business demands
Future security operations 10/2/2013 10 Data Visualisation Data Enrichment Cloud platforms External Apps Threats Intelligent SIEM
Deciding what information to collect and why… Security teams are used to drawing a balance between benefit and risk • what data we collect and its value Industry (more widely) is starting to invest in, and discover, the value of data analytics In security, the wider benefits of “big data” involves different parameters … more data means: • Improved fraud analytic capability • Better customer profiling • More context • Better diagnostics (and anticipation) AND • Greater visibility around security threats, risks, attacks 10/2/2013 11 Smarter data analytics More useful data sources More uses / Bigger audience
… and then making sure we can protect it Growth of security/customer/fraud/business data from the mobile computing environment can: • Challenge privacy obligations • Give security teams another (and higher impact) data set to protect Need to evolve security stance - even simple “big data” examples could raise the risk levels much higher Cloud changes the way we deliver IT Must ensure we have the right tools and approaches to gain the maximum value from the security, fraud, activity data available Social media exposes users, and gives business new ways to interact Usage and brand management need monitoring - threat awareness becomes a tangible advantage 10/2/2013 12
So what? • The value of (all) data is increasing • More mobile and app-oriented environment and wider adoption of external services … security logs, behaviour anomaly detection, cyber threat detection and analytics more critical … businesses increasingly looking to drive efficiencies and interaction • We have to acknowledge these trends and ensure that we adequately protect business information • Gaining visibility – and keeping it – is vital 10/2/2013 13
Copyright © Tier-3 Pty Ltd, 2012. All rights Finally… 14 Time for questions Or: Find me at Tier-3’s stand piers.wilson@tier-3.com +44 (0) 7800 508517 www.tier-3.com @tier3huntsman

Recommended

BYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, WestBYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, WestJay McLaughlin
 
3 ways to secure your law firm’s information and reputation
3 ways to secure your law firm’s information and reputation3 ways to secure your law firm’s information and reputation
3 ways to secure your law firm’s information and reputationNikec Solutions
 
Security in the Cloud
Security in the CloudSecurity in the Cloud
Security in the CloudWindTalker Security
 
Ethics, Professionalism and Other Emerging Technologies
Ethics, Professionalism and Other Emerging TechnologiesEthics, Professionalism and Other Emerging Technologies
Ethics, Professionalism and Other Emerging TechnologiesPrakhyath Rai
 
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...Micro Focus
 
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTime for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTripwire
 
How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?IBM Security
 
Mobile Payments: Protecting Apps and Data from Emerging Risks
Mobile Payments: Protecting Apps and Data from Emerging RisksMobile Payments: Protecting Apps and Data from Emerging Risks
Mobile Payments: Protecting Apps and Data from Emerging RisksIBM Security
 

Recommended

BYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, WestBYOD: Device Control in the Wild, Wild, West
BYOD: Device Control in the Wild, Wild, WestJay McLaughlin
 
3 ways to secure your law firm’s information and reputation
3 ways to secure your law firm’s information and reputation3 ways to secure your law firm’s information and reputation
3 ways to secure your law firm’s information and reputationNikec Solutions
 
Security in the Cloud
Security in the CloudSecurity in the Cloud
Security in the CloudWindTalker Security
 
Ethics, Professionalism and Other Emerging Technologies
Ethics, Professionalism and Other Emerging TechnologiesEthics, Professionalism and Other Emerging Technologies
Ethics, Professionalism and Other Emerging TechnologiesPrakhyath Rai
 
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...
#MFSummit2016 Secure: How Security and Identity Analytics can Drive Adaptive ...Micro Focus
 
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTime for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTripwire
 
How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?IBM Security
 
Mobile Payments: Protecting Apps and Data from Emerging Risks
Mobile Payments: Protecting Apps and Data from Emerging RisksMobile Payments: Protecting Apps and Data from Emerging Risks
Mobile Payments: Protecting Apps and Data from Emerging RisksIBM Security
 
Securing your digital world cybersecurity for sb es
Securing your digital world cybersecurity for sb esSecuring your digital world cybersecurity for sb es
Securing your digital world cybersecurity for sb esSonny Hashmi
 
Securing the network perimeter
Securing the network perimeterSecuring the network perimeter
Securing the network perimeterinfra-si
 
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsSecurity Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsIBM Security
 
Information & Cyber Security Risk
Information & Cyber Security RiskInformation & Cyber Security Risk
Information & Cyber Security RiskMurray Security Services
 
Security Awareness
Security AwarenessSecurity Awareness
Security AwarenessDinesh O Bareja
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesAugmentedWorldExpo
 
FinalResearch_95752_oliver
FinalResearch_95752_oliverFinalResearch_95752_oliver
FinalResearch_95752_oliverMadison Oliver
 
IT Security - Guidelines
IT Security - GuidelinesIT Security - Guidelines
IT Security - GuidelinesPedro Espinosa
 
IoT_Structure
IoT_StructureIoT_Structure
IoT_StructureBrandon Walston
 
2021 English Part One Anti-phishing Webinar Presentation Slides
2021 English Part One Anti-phishing Webinar Presentation Slides2021 English Part One Anti-phishing Webinar Presentation Slides
2021 English Part One Anti-phishing Webinar Presentation SlidesIvanti
 
Compliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadCompliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadIBM Security
 
Symantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global ResultsSymantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global ResultsSymantec
 
A Non-Salesy Intro to the Ivanti Porfolio
A Non-Salesy Intro to the Ivanti PorfolioA Non-Salesy Intro to the Ivanti Porfolio
A Non-Salesy Intro to the Ivanti PorfolioIvanti
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...IBM Security
 
Reasoning About Enterprise Application Security in a Cloudy World
Reasoning About Enterprise Application Security in a Cloudy WorldReasoning About Enterprise Application Security in a Cloudy World
Reasoning About Enterprise Application Security in a Cloudy WorldElastica Inc.
 
Cybersecurity Training for Nonprofits
Cybersecurity Training for NonprofitsCybersecurity Training for Nonprofits
Cybersecurity Training for NonprofitsCommunity IT Innovators
 
Cybersecurity-Real World Approach FINAL 2-24-16
Cybersecurity-Real World Approach FINAL 2-24-16Cybersecurity-Real World Approach FINAL 2-24-16
Cybersecurity-Real World Approach FINAL 2-24-16James Rutt
 
BYOD (Bring Your Own Device) Risks And Benefits
BYOD (Bring Your Own Device) Risks And BenefitsBYOD (Bring Your Own Device) Risks And Benefits
BYOD (Bring Your Own Device) Risks And BenefitsModis
 
When Worlds Collide: Tracking the Trends at the Intersection of Social, Mobil...
When Worlds Collide: Tracking the Trends at the Intersection of Social, Mobil...When Worlds Collide: Tracking the Trends at the Intersection of Social, Mobil...
When Worlds Collide: Tracking the Trends at the Intersection of Social, Mobil...mkeane
 
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...CableLabs
 
Physical security of premises
Physical security of premisesPhysical security of premises
Physical security of premisesKatta abhishek Prasad
 
Security Projects & Projects Safety
Security Projects & Projects SafetySecurity Projects & Projects Safety
Security Projects & Projects SafetyCommunity Protection Forum
 

More Related Content

What's hot

Securing your digital world cybersecurity for sb es
Securing your digital world cybersecurity for sb esSecuring your digital world cybersecurity for sb es
Securing your digital world cybersecurity for sb esSonny Hashmi
 
Securing the network perimeter
Securing the network perimeterSecuring the network perimeter
Securing the network perimeterinfra-si
 
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsSecurity Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsIBM Security
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesAugmentedWorldExpo
 
FinalResearch_95752_oliver
FinalResearch_95752_oliverFinalResearch_95752_oliver
FinalResearch_95752_oliverMadison Oliver
 
IT Security - Guidelines
IT Security - GuidelinesIT Security - Guidelines
IT Security - GuidelinesPedro Espinosa
 
2021 English Part One Anti-phishing Webinar Presentation Slides
2021 English Part One Anti-phishing Webinar Presentation Slides2021 English Part One Anti-phishing Webinar Presentation Slides
2021 English Part One Anti-phishing Webinar Presentation SlidesIvanti
 
Compliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadCompliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadIBM Security
 
Symantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global ResultsSymantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global ResultsSymantec
 
A Non-Salesy Intro to the Ivanti Porfolio
A Non-Salesy Intro to the Ivanti PorfolioA Non-Salesy Intro to the Ivanti Porfolio
A Non-Salesy Intro to the Ivanti PorfolioIvanti
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...IBM Security
 
Reasoning About Enterprise Application Security in a Cloudy World
Reasoning About Enterprise Application Security in a Cloudy WorldReasoning About Enterprise Application Security in a Cloudy World
Reasoning About Enterprise Application Security in a Cloudy WorldElastica Inc.
 
Cybersecurity-Real World Approach FINAL 2-24-16
Cybersecurity-Real World Approach FINAL 2-24-16Cybersecurity-Real World Approach FINAL 2-24-16
Cybersecurity-Real World Approach FINAL 2-24-16James Rutt
 
BYOD (Bring Your Own Device) Risks And Benefits
BYOD (Bring Your Own Device) Risks And BenefitsBYOD (Bring Your Own Device) Risks And Benefits
BYOD (Bring Your Own Device) Risks And BenefitsModis
 
When Worlds Collide: Tracking the Trends at the Intersection of Social, Mobil...
When Worlds Collide: Tracking the Trends at the Intersection of Social, Mobil...When Worlds Collide: Tracking the Trends at the Intersection of Social, Mobil...
When Worlds Collide: Tracking the Trends at the Intersection of Social, Mobil...mkeane
 
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...CableLabs
 

What's hot (20)

Securing your digital world cybersecurity for sb es
Securing your digital world cybersecurity for sb esSecuring your digital world cybersecurity for sb es
Securing your digital world cybersecurity for sb es
 
Securing the network perimeter
Securing the network perimeterSecuring the network perimeter
Securing the network perimeter
 
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsSecurity Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
 
Information & Cyber Security Risk
Information & Cyber Security RiskInformation & Cyber Security Risk
Information & Cyber Security Risk
 
Security Awareness
Security AwarenessSecurity Awareness
Security Awareness
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
 
FinalResearch_95752_oliver
FinalResearch_95752_oliverFinalResearch_95752_oliver
FinalResearch_95752_oliver
 
IT Security - Guidelines
IT Security - GuidelinesIT Security - Guidelines
IT Security - Guidelines
 
IoT_Structure
IoT_StructureIoT_Structure
IoT_Structure
 
2021 English Part One Anti-phishing Webinar Presentation Slides
2021 English Part One Anti-phishing Webinar Presentation Slides2021 English Part One Anti-phishing Webinar Presentation Slides
2021 English Part One Anti-phishing Webinar Presentation Slides
 
Compliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies aheadCompliance is a pit stop – your destination lies ahead
Compliance is a pit stop – your destination lies ahead
 
Symantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global ResultsSymantec 2011 Social Media Protection Flash Poll Global Results
Symantec 2011 Social Media Protection Flash Poll Global Results
 
A Non-Salesy Intro to the Ivanti Porfolio
A Non-Salesy Intro to the Ivanti PorfolioA Non-Salesy Intro to the Ivanti Porfolio
A Non-Salesy Intro to the Ivanti Porfolio
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
 
Reasoning About Enterprise Application Security in a Cloudy World
Reasoning About Enterprise Application Security in a Cloudy WorldReasoning About Enterprise Application Security in a Cloudy World
Reasoning About Enterprise Application Security in a Cloudy World
 
Cybersecurity Training for Nonprofits
Cybersecurity Training for NonprofitsCybersecurity Training for Nonprofits
Cybersecurity Training for Nonprofits
 
Cybersecurity-Real World Approach FINAL 2-24-16
Cybersecurity-Real World Approach FINAL 2-24-16Cybersecurity-Real World Approach FINAL 2-24-16
Cybersecurity-Real World Approach FINAL 2-24-16
 
BYOD (Bring Your Own Device) Risks And Benefits
BYOD (Bring Your Own Device) Risks And BenefitsBYOD (Bring Your Own Device) Risks And Benefits
BYOD (Bring Your Own Device) Risks And Benefits
 
When Worlds Collide: Tracking the Trends at the Intersection of Social, Mobil...
When Worlds Collide: Tracking the Trends at the Intersection of Social, Mobil...When Worlds Collide: Tracking the Trends at the Intersection of Social, Mobil...
When Worlds Collide: Tracking the Trends at the Intersection of Social, Mobil...
 
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
IoT and Cybersecurity: What can be done? by Gerald Faulhaber at Inform[ED] Io...
 

Viewers also liked

Security Presentation
Security PresentationSecurity Presentation
Security PresentationGerhard Peens
 
Elite Force Security Service Brief
Elite Force Security Service BriefElite Force Security Service Brief
Elite Force Security Service BriefNishongo Gangchil
 
Chapter 15 Health, Safety, and Security
Chapter 15 Health, Safety, and SecurityChapter 15 Health, Safety, and Security
Chapter 15 Health, Safety, and SecurityRayman Soe
 
Example 1 Testing PPt
Example 1 Testing PPtExample 1 Testing PPt
Example 1 Testing PPtLeonardhart
 
Sample presentation for video marketing your security guard service
Sample presentation for video marketing your security guard serviceSample presentation for video marketing your security guard service
Sample presentation for video marketing your security guard serviceOfficerReports.com
 
Chapter 15 International Human Resources Management
Chapter 15 International Human Resources ManagementChapter 15 International Human Resources Management
Chapter 15 International Human Resources ManagementRayman Soe
 
Safety (Security) Training
Safety (Security) TrainingSafety (Security) Training
Safety (Security) Trainingworksteadc
 
Module 10 Physical Security
Module 10 Physical SecurityModule 10 Physical Security
Module 10 Physical Securityleminhvuong
 
Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & BuildSameer Paradia
 
AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...
AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...
AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...Amazon Web Services
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practicesamiable_indian
 
Tracxn Research - Event Management Landscape, January 2017
Tracxn Research - Event Management Landscape, January 2017Tracxn Research - Event Management Landscape, January 2017
Tracxn Research - Event Management Landscape, January 2017Tracxn
 

Viewers also liked (16)

Physical security of premises
Physical security of premisesPhysical security of premises
Physical security of premises
 
Security Projects & Projects Safety
Security Projects & Projects SafetySecurity Projects & Projects Safety
Security Projects & Projects Safety
 
Security Presentation
Security PresentationSecurity Presentation
Security Presentation
 
Elite Force Security Service Brief
Elite Force Security Service BriefElite Force Security Service Brief
Elite Force Security Service Brief
 
Chapter 15 Health, Safety, and Security
Chapter 15 Health, Safety, and SecurityChapter 15 Health, Safety, and Security
Chapter 15 Health, Safety, and Security
 
Example 1 Testing PPt
Example 1 Testing PPtExample 1 Testing PPt
Example 1 Testing PPt
 
Sample presentation for video marketing your security guard service
Sample presentation for video marketing your security guard serviceSample presentation for video marketing your security guard service
Sample presentation for video marketing your security guard service
 
Chapter 15 International Human Resources Management
Chapter 15 International Human Resources ManagementChapter 15 International Human Resources Management
Chapter 15 International Human Resources Management
 
SECURITY AWARENESS
SECURITY AWARENESSSECURITY AWARENESS
SECURITY AWARENESS
 
Safety (Security) Training
Safety (Security) TrainingSafety (Security) Training
Safety (Security) Training
 
Module 10 Physical Security
Module 10 Physical SecurityModule 10 Physical Security
Module 10 Physical Security
 
HP ArcSight
HP ArcSight HP ArcSight
HP ArcSight
 
Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & Build
 
AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...
AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...
AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...
 
Security Management Practices
Security Management PracticesSecurity Management Practices
Security Management Practices
 
Tracxn Research - Event Management Landscape, January 2017
Tracxn Research - Event Management Landscape, January 2017Tracxn Research - Event Management Landscape, January 2017
Tracxn Research - Event Management Landscape, January 2017
 

Similar to Monitoring security in the externalised organisation (Auscert 2013)

Hidden security and privacy consequences around mobility (Infosec 2013)
Hidden security and privacy consequences around mobility (Infosec 2013)Hidden security and privacy consequences around mobility (Infosec 2013)
Hidden security and privacy consequences around mobility (Infosec 2013)Huntsman Security
 
Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Omar Khawaja
 
Bridging the Data Security Gap
Bridging the Data Security GapBridging the Data Security Gap
Bridging the Data Security Gapxband
 
Webinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data StrategyWebinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data StrategyStorage Switzerland
 
Securing a mobile oriented enterprise
Securing a mobile oriented enterpriseSecuring a mobile oriented enterprise
Securing a mobile oriented enterpriseinfra-si
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud IBM Security
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and riskEY
 
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...Unisys Corporation
 
Going_Mobile_101_IIMC_v5
Going_Mobile_101_IIMC_v5Going_Mobile_101_IIMC_v5
Going_Mobile_101_IIMC_v5Steve Markey
 
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]Tudor Damian
 
10 Reasons to Strengthen Security with App & Desktop Virtualization
10 Reasons to Strengthen Security with App & Desktop Virtualization10 Reasons to Strengthen Security with App & Desktop Virtualization
10 Reasons to Strengthen Security with App & Desktop VirtualizationCitrix
 
10.1.1.436.3364.pdf
10.1.1.436.3364.pdf10.1.1.436.3364.pdf
10.1.1.436.3364.pdfmistryritesh
 
En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataOnline Business
 
Service2Media: Webinar Security & Management (17 March 2014) by Derk Tegeler
Service2Media: Webinar Security & Management (17 March 2014) by Derk Tegeler Service2Media: Webinar Security & Management (17 March 2014) by Derk Tegeler
Service2Media: Webinar Security & Management (17 March 2014) by Derk Tegeler Service2Media
 
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdfJust-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdfInfinityGroup5
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifySumana Mehta
 
Putting data science into perspective
Putting data science into perspectivePutting data science into perspective
Putting data science into perspectiveSravan Ankaraju
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile securityJAYANT RAJURKAR
 
The Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security BreachThe Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security BreachCloudLock
 

Similar to Monitoring security in the externalised organisation (Auscert 2013) (20)

Hidden security and privacy consequences around mobility (Infosec 2013)
Hidden security and privacy consequences around mobility (Infosec 2013)Hidden security and privacy consequences around mobility (Infosec 2013)
Hidden security and privacy consequences around mobility (Infosec 2013)
 
Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security Two Peas in a Pod: Cloud Security and Mobile Security
Two Peas in a Pod: Cloud Security and Mobile Security
 
Bridging the Data Security Gap
Bridging the Data Security GapBridging the Data Security Gap
Bridging the Data Security Gap
 
Webinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data StrategyWebinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
Webinar: Endpoint Backup is not Enough - You Need an End-user Data Strategy
 
Securing a mobile oriented enterprise
Securing a mobile oriented enterpriseSecuring a mobile oriented enterprise
Securing a mobile oriented enterprise
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
 
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...
 
Going_Mobile_101_IIMC_v5
Going_Mobile_101_IIMC_v5Going_Mobile_101_IIMC_v5
Going_Mobile_101_IIMC_v5
 
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
 
10 Reasons to Strengthen Security with App & Desktop Virtualization
10 Reasons to Strengthen Security with App & Desktop Virtualization10 Reasons to Strengthen Security with App & Desktop Virtualization
10 Reasons to Strengthen Security with App & Desktop Virtualization
 
10.1.1.436.3364.pdf
10.1.1.436.3364.pdf10.1.1.436.3364.pdf
10.1.1.436.3364.pdf
 
6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins
 
En msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdataEn msft-scrty-cntnt-e book-protectyourdata
En msft-scrty-cntnt-e book-protectyourdata
 
Service2Media: Webinar Security & Management (17 March 2014) by Derk Tegeler
Service2Media: Webinar Security & Management (17 March 2014) by Derk Tegeler Service2Media: Webinar Security & Management (17 March 2014) by Derk Tegeler
Service2Media: Webinar Security & Management (17 March 2014) by Derk Tegeler
 
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdfJust-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
Just-How-Secure-is-your-Remote-Workforce-Infinity-Group-Ebook.pdf
 
Embracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and CentrifyEmbracing secure, scalable BYOD with Sencha and Centrify
Embracing secure, scalable BYOD with Sencha and Centrify
 
Putting data science into perspective
Putting data science into perspectivePutting data science into perspective
Putting data science into perspective
 
report on Mobile security
report on Mobile securityreport on Mobile security
report on Mobile security
 
The Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security BreachThe Anatomy of a Cloud Security Breach
The Anatomy of a Cloud Security Breach
 

More from Huntsman Security

Infosecurity Europe 2016 - Low-friction Security
Infosecurity Europe 2016 - Low-friction SecurityInfosecurity Europe 2016 - Low-friction Security
Infosecurity Europe 2016 - Low-friction SecurityHuntsman Security
 
Infosec 2015 - Using threat intelligence to improve security response
Infosec 2015 - Using threat intelligence to improve security responseInfosec 2015 - Using threat intelligence to improve security response
Infosec 2015 - Using threat intelligence to improve security responseHuntsman Security
 
Huntsman - Threat intelligence (for IAP2015)
Huntsman - Threat intelligence (for IAP2015)Huntsman - Threat intelligence (for IAP2015)
Huntsman - Threat intelligence (for IAP2015)Huntsman Security
 
Huntsman - Internet of things (for IAP2015)
Huntsman - Internet of things (for IAP2015)Huntsman - Internet of things (for IAP2015)
Huntsman - Internet of things (for IAP2015)Huntsman Security
 
Internet of Things: Dealing with the enterprise network of things
Internet of Things: Dealing with the enterprise network of thingsInternet of Things: Dealing with the enterprise network of things
Internet of Things: Dealing with the enterprise network of thingsHuntsman Security
 
Intelligence-based computer network defence: Understanding the cyber kill cha...
Intelligence-based computer network defence: Understanding the cyber kill cha...Intelligence-based computer network defence: Understanding the cyber kill cha...
Intelligence-based computer network defence: Understanding the cyber kill cha...Huntsman Security
 
Infosec 2014 - Considerations when choosing an MSSP
Infosec 2014 - Considerations when choosing an MSSPInfosec 2014 - Considerations when choosing an MSSP
Infosec 2014 - Considerations when choosing an MSSPHuntsman Security
 
Using automation to improve the effectiveness of security operations
Using automation to improve the effectiveness of security operationsUsing automation to improve the effectiveness of security operations
Using automation to improve the effectiveness of security operationsHuntsman Security
 
Insider threats - Lessons from Snowden (ISF UK Chapter)
Insider threats - Lessons from Snowden (ISF UK Chapter)Insider threats - Lessons from Snowden (ISF UK Chapter)
Insider threats - Lessons from Snowden (ISF UK Chapter)Huntsman Security
 

More from Huntsman Security (9)

Infosecurity Europe 2016 - Low-friction Security
Infosecurity Europe 2016 - Low-friction SecurityInfosecurity Europe 2016 - Low-friction Security
Infosecurity Europe 2016 - Low-friction Security
 
Infosec 2015 - Using threat intelligence to improve security response
Infosec 2015 - Using threat intelligence to improve security responseInfosec 2015 - Using threat intelligence to improve security response
Infosec 2015 - Using threat intelligence to improve security response
 
Huntsman - Threat intelligence (for IAP2015)
Huntsman - Threat intelligence (for IAP2015)Huntsman - Threat intelligence (for IAP2015)
Huntsman - Threat intelligence (for IAP2015)
 
Huntsman - Internet of things (for IAP2015)
Huntsman - Internet of things (for IAP2015)Huntsman - Internet of things (for IAP2015)
Huntsman - Internet of things (for IAP2015)
 
Internet of Things: Dealing with the enterprise network of things
Internet of Things: Dealing with the enterprise network of thingsInternet of Things: Dealing with the enterprise network of things
Internet of Things: Dealing with the enterprise network of things
 
Intelligence-based computer network defence: Understanding the cyber kill cha...
Intelligence-based computer network defence: Understanding the cyber kill cha...Intelligence-based computer network defence: Understanding the cyber kill cha...
Intelligence-based computer network defence: Understanding the cyber kill cha...
 
Infosec 2014 - Considerations when choosing an MSSP
Infosec 2014 - Considerations when choosing an MSSPInfosec 2014 - Considerations when choosing an MSSP
Infosec 2014 - Considerations when choosing an MSSP
 
Using automation to improve the effectiveness of security operations
Using automation to improve the effectiveness of security operationsUsing automation to improve the effectiveness of security operations
Using automation to improve the effectiveness of security operations
 
Insider threats - Lessons from Snowden (ISF UK Chapter)
Insider threats - Lessons from Snowden (ISF UK Chapter)Insider threats - Lessons from Snowden (ISF UK Chapter)
Insider threats - Lessons from Snowden (ISF UK Chapter)
 

Recently uploaded

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 

Recently uploaded (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 

Monitoring security in the externalised organisation (Auscert 2013)

  • 1. Copyright © Tier-3 Pty Ltd, 2012. All rights reserved. Monitoring security in the “Externalised organisation” (Or in the “office of the future”) Piers Wilson Tier-3 Huntsman® - Head of Product Management
  • 2. Introductions 210/2/2013 Piers Wilson Head of Product Management at Tier-3 Director of IISP Previously Senior Manager in PricewaterhouseCoopers Cyber Security practice Tier-3 Huntsman® Advanced Security Incident & Event Management (SIEM) solution • High performance event correlation • Behaviour Anomaly Detection (BAD 2.0) • “Big data” analytics • Governance, Risk, Compliance • Cloud/multi-tenancy support • Active response
  • 3. Agenda and scope • What this talk is about… – The implications of technology trends – Anticipating the emergent IT and security environment – Monitoring security when: • It is more important • It is more difficult – Approaches to dealing with this in a constructive way 10/2/2013 3 79% of the UK population use the internet anywhere, on any device Ofcom, 2012 Looking ahead to 2013, we are going to see more and more organisations seeking alternatives to on-premise deployments. Paul Moxon, Axway (via IDG Connect) Most significantly, we’re seeing an overriding belief that cloud is disrupting software in fundamental and lasting ways. Michael Skok, 2012 Future of Cloud Computing A standard setup of computing on a business' premises — a server in a closet or basement, and software loaded on individual machines — is a model that's likely to drift into obsolescence The Daily Progress, 2013 Enterprise mobility is booming; organizations must connect with employees, customers, and partners in new ways and across new devices and applications. Forrester
  • 4. Background • Mobile apps, consumerisation and "bring your own device" are here • Users / Customers increasingly expect to access systems via mobile / personal devices • Cloud computing is well along the hype curve – its use and pervasiveness is growing • Social media is already a more “normal” way of working than email for many people 10/2/2013 4
  • 5. The old “Office of the Future” 10/2/2013 5
  • 6. The “Office of the Future” This is starting to be known as the “externalised organisation” A greater focus and proportion of IT delivery / use happens outside 10/2/2013 6 IT your users control IT your cloud provider controls IT you control
  • 7. Conclusions... Security teams face a real challenge • Data isn’t where it used to be • The network is going beyond just losing its perimeter to being completely external • You have a lot less control over the front and back end platforms (i.e. none) • People are working and communicating differently (e.g. social media) Some new approaches are necessary... 10/2/2013 7
  • 8. More diversity and complexity in monitoring and control 10/2/2013 8 Security Operations • Greater visibility • Compliance burden • Improved response Cyber-securityUsers Mobile Environment Cloud ApplicationsPaaS • Cyber security controls • Threat feeds • Social media • End-user devices • Social Media • MDM • Mobile Apps • App backends • Salesforce • Etc... • Virtualised Platforms • Hypervisor layer Platforms PhysicalSecurity ControlsNetworkApplications • Windows • Unix • Mainframe • Locks • CCTV • RFID • Firewalls • AV • IDS/IPS • ID&AM • LAN/WAN • VPN • Remote Access • Web • Client/Server • Databases
  • 9. Future-proof, advanced SIEM solutions 10/2/2013 9 Cyber-security Users Mobile Environment Cloud Applications PaaS • Ability to consider the platform and the hypervisor layer • Multi-tenancy increasingly going to be demanded by platform suppliers • Ability to monitor service levels and risk currently rare • Everything is externalised, what log access is possible? • Are there ways to track access, misuse, anomalous go away • MDM platforms and staff mobility management • Custom apps – does log data come from the user device or the back-end • What will mobile payments mean – esp. for carriers, banks, retailers • Activity on internal and external systems • Social media monitoring – legality, effectiveness and feasibility • What about the wider communications environment • Increasingly rich market for “cyber security solutions” which add to the controls portfolio None of this is easy Agility within the organisation and in its security partners will be key Check suppliers have got these trends on their radar Operations will require “intelligent” SIEM solutions to meet business demands
  • 10. Future security operations 10/2/2013 10 Data Visualisation Data Enrichment Cloud platforms External Apps Threats Intelligent SIEM
  • 11. Deciding what information to collect and why… Security teams are used to drawing a balance between benefit and risk • what data we collect and its value Industry (more widely) is starting to invest in, and discover, the value of data analytics In security, the wider benefits of “big data” involves different parameters … more data means: • Improved fraud analytic capability • Better customer profiling • More context • Better diagnostics (and anticipation) AND • Greater visibility around security threats, risks, attacks 10/2/2013 11 Smarter data analytics More useful data sources More uses / Bigger audience
  • 12. … and then making sure we can protect it Growth of security/customer/fraud/business data from the mobile computing environment can: • Challenge privacy obligations • Give security teams another (and higher impact) data set to protect Need to evolve security stance - even simple “big data” examples could raise the risk levels much higher Cloud changes the way we deliver IT Must ensure we have the right tools and approaches to gain the maximum value from the security, fraud, activity data available Social media exposes users, and gives business new ways to interact Usage and brand management need monitoring - threat awareness becomes a tangible advantage 10/2/2013 12
  • 13. So what? • The value of (all) data is increasing • More mobile and app-oriented environment and wider adoption of external services … security logs, behaviour anomaly detection, cyber threat detection and analytics more critical … businesses increasingly looking to drive efficiencies and interaction • We have to acknowledge these trends and ensure that we adequately protect business information • Gaining visibility – and keeping it – is vital 10/2/2013 13
  • 14. Copyright © Tier-3 Pty Ltd, 2012. All rights Finally… 14 Time for questions Or: Find me at Tier-3’s stand piers.wilson@tier-3.com +44 (0) 7800 508517 www.tier-3.com @tier3huntsman