SlideShare a Scribd company logo

Ensuring Security and Compliance in a Data Deluge

Tripwire
Tripwire

The average IT infrastructure experiences millions, if not billions of events a day. Most are non-critical or business-as-usual. So how to you find the ones that aren't-the ones that threaten IT security or impact compliance? Organizations collect more than enough data to make these determinations; they just don't have automated intelligence that makes this data useful. As a result, they often take months to detect a breach. Learn how you can reduce the breach-to-detection gap from months to minutes to keep your data safe and prove compliance. In this webcast, Tim Zonca, Product Marketing Manager for Tripwire Log Center, and Ed Rarick, Tripwire PCI Evangelist, discuss: Why the breach-to-detection gap is so long What capabilities organizations need to reduce this gap How Tripwire VIA solutions combine to reduce the gap without the complexity and bloat of traditional security solutions

1 of 36
Download to read offline
Ensuring Security &
Compliance in a
Data Deluge
Ensuring Security and Compliance in a Data Deluge
Barriers     Expanding threat   Market is consolidating   Existing technology
To Success   landscape; more    and leaning on            isn’t providing
             cybercrime with    strategic vendor          expected ROI,
             sophisticated      relationships to          is too expensive and
             adversaries        reduce TCO                complex, and only
                                of existing solutions     delivers data
Barriers     Expanding threat   Market is consolidating   Existing technology
To Success   landscape; more    and leaning on            isn’t providing
             cybercrime with    strategic vendor          expected ROI,
             sophisticated      relationships to          is too expensive and
             adversaries        reduce TCO                complex, and only
                                of existing solutions     delivers data
 Don’t know what I don’t know
Prevent Outages
                          Too much data to sift through
Protect Sensitive Data    Cost of being secure, compliant
                           and efficient is too high and labor
                           intensive
Prove Compliance
 Don’t know what I don’t know
Prevent Outages
                          Too much data to sift through
Protect Sensitive Data    Cost of being secure, compliant
                           and efficient is too high and labor
                           intensive
Prove Compliance

Recommended

Data Loss Prevention
Data Loss PreventionData Loss Prevention
Data Loss PreventionReza Kopaee
 
Gavin Hill - Lessons From the Human Immune System
Gavin Hill - Lessons From the Human Immune SystemGavin Hill - Lessons From the Human Immune System
Gavin Hill - Lessons From the Human Immune Systemcentralohioissa
 
Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?centralohioissa
 
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...
Symantec Webinar | Security Analytics Breached! Next Generation Network Foren...Symantec
 
Art Hathaway - Artificial Intelligence - Real Threat Prevention
Art Hathaway - Artificial Intelligence - Real Threat PreventionArt Hathaway - Artificial Intelligence - Real Threat Prevention
Art Hathaway - Artificial Intelligence - Real Threat Preventioncentralohioissa
 
Data Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItData Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItMarc Crudgington, MBA
 

More Related Content

What's hot

Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!centralohioissa
 
2010-05 Real Business, Real Threats! Don't be an Unsuspecting Target
2010-05 Real Business, Real Threats!  Don't be an Unsuspecting Target 2010-05 Real Business, Real Threats!  Don't be an Unsuspecting Target
2010-05 Real Business, Real Threats! Don't be an Unsuspecting Target Raleigh ISSA
 
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...Skoda Minotti
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutLancope, Inc.
 
Chris Haley - Understanding Attackers' Use of Covert Communications
Chris Haley - Understanding Attackers' Use of Covert CommunicationsChris Haley - Understanding Attackers' Use of Covert Communications
Chris Haley - Understanding Attackers' Use of Covert Communicationscentralohioissa
 
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...Brian Kelly
 
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Customer Spotlight:Deploying a Data Protection Program in less than 120 DaysCustomer Spotlight:Deploying a Data Protection Program in less than 120 Days
Customer Spotlight: Deploying a Data Protection Program in less than 120 DaysDigital Guardian
 
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNOliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNcentralohioissa
 
DLP Executive Overview
DLP Executive OverviewDLP Executive Overview
DLP Executive OverviewKim Jensen
 
Ed McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat IntelligenceEd McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat Intelligencecentralohioissa
 
What Happens Before the Kill Chain
What Happens Before the Kill Chain What Happens Before the Kill Chain
What Happens Before the Kill Chain OpenDNS
 
Why Have A Digital Investigative Infrastructure
Why Have A Digital Investigative InfrastructureWhy Have A Digital Investigative Infrastructure
Why Have A Digital Investigative InfrastructureKevin Wharram
 
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionThe CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionDigital Guardian
 
Big data security
Big data securityBig data security
Big data securityCloudBees
 
Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Coastal Pet Products, Inc.
 
Applying intelligent deception to detect sophisticated cyber attacks
Applying intelligent deception to detect sophisticated cyber attacksApplying intelligent deception to detect sophisticated cyber attacks
Applying intelligent deception to detect sophisticated cyber attacksFidelis Cybersecurity
 
Cloud – Helps or Hurts Insider Threat?
Cloud – Helps or Hurts Insider Threat?Cloud – Helps or Hurts Insider Threat?
Cloud – Helps or Hurts Insider Threat?ThinAir
 
Securing Access to PeopleSoft ERP with Duo Security and GreyHeller
Securing Access to PeopleSoft ERP with Duo Security and GreyHellerSecuring Access to PeopleSoft ERP with Duo Security and GreyHeller
Securing Access to PeopleSoft ERP with Duo Security and GreyHellerDuo Security
 
Secure Cloud Hosting: Real Requirements to Protect your Data
Secure Cloud Hosting: Real Requirements to Protect your DataSecure Cloud Hosting: Real Requirements to Protect your Data
Secure Cloud Hosting: Real Requirements to Protect your DataArmor
 

What's hot (20)

Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!Jim Wojno: Incident Response - No Pain, No Gain!
Jim Wojno: Incident Response - No Pain, No Gain!
 
2010-05 Real Business, Real Threats! Don't be an Unsuspecting Target
2010-05 Real Business, Real Threats!  Don't be an Unsuspecting Target 2010-05 Real Business, Real Threats!  Don't be an Unsuspecting Target
2010-05 Real Business, Real Threats! Don't be an Unsuspecting Target
 
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside Out
 
Chris Haley - Understanding Attackers' Use of Covert Communications
Chris Haley - Understanding Attackers' Use of Covert CommunicationsChris Haley - Understanding Attackers' Use of Covert Communications
Chris Haley - Understanding Attackers' Use of Covert Communications
 
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
How To Stop Targeted Attacks And Avoid “Expense In Depth” With Strong Authent...
 
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
Customer Spotlight:Deploying a Data Protection Program in less than 120 DaysCustomer Spotlight:Deploying a Data Protection Program in less than 120 Days
Customer Spotlight: Deploying a Data Protection Program in less than 120 Days
 
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDNOliver Schuermann - Integrated Software in Networking - the Mystery of SDN
Oliver Schuermann - Integrated Software in Networking - the Mystery of SDN
 
DLP Executive Overview
DLP Executive OverviewDLP Executive Overview
DLP Executive Overview
 
Ed McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat IntelligenceEd McCabe - Putting the Intelligence back in Threat Intelligence
Ed McCabe - Putting the Intelligence back in Threat Intelligence
 
What Happens Before the Kill Chain
What Happens Before the Kill Chain What Happens Before the Kill Chain
What Happens Before the Kill Chain
 
Why Have A Digital Investigative Infrastructure
Why Have A Digital Investigative InfrastructureWhy Have A Digital Investigative Infrastructure
Why Have A Digital Investigative Infrastructure
 
The CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss PreventionThe CISO’s Guide to Data Loss Prevention
The CISO’s Guide to Data Loss Prevention
 
Big data security
Big data securityBig data security
Big data security
 
Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title) Big Data, Security Intelligence, (And Why I Hate This Title)
Big Data, Security Intelligence, (And Why I Hate This Title)
 
Applying intelligent deception to detect sophisticated cyber attacks
Applying intelligent deception to detect sophisticated cyber attacksApplying intelligent deception to detect sophisticated cyber attacks
Applying intelligent deception to detect sophisticated cyber attacks
 
Cloud – Helps or Hurts Insider Threat?
Cloud – Helps or Hurts Insider Threat?Cloud – Helps or Hurts Insider Threat?
Cloud – Helps or Hurts Insider Threat?
 
DLP
DLPDLP
DLP
 
Securing Access to PeopleSoft ERP with Duo Security and GreyHeller
Securing Access to PeopleSoft ERP with Duo Security and GreyHellerSecuring Access to PeopleSoft ERP with Duo Security and GreyHeller
Securing Access to PeopleSoft ERP with Duo Security and GreyHeller
 
Secure Cloud Hosting: Real Requirements to Protect your Data
Secure Cloud Hosting: Real Requirements to Protect your DataSecure Cloud Hosting: Real Requirements to Protect your Data
Secure Cloud Hosting: Real Requirements to Protect your Data
 

Viewers also liked

4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...SafeNet
 
SQL Server 2008 Security Overview
SQL Server 2008 Security OverviewSQL Server 2008 Security Overview
SQL Server 2008 Security Overviewukdpe
 
How to Approach the NYDFS Proposed Cybersecurity Requirements
How to Approach the NYDFS Proposed Cybersecurity RequirementsHow to Approach the NYDFS Proposed Cybersecurity Requirements
How to Approach the NYDFS Proposed Cybersecurity RequirementsKyle Brown
 
Data Governance, Compliance and Security in Hadoop with Cloudera
Data Governance, Compliance and Security in Hadoop with ClouderaData Governance, Compliance and Security in Hadoop with Cloudera
Data Governance, Compliance and Security in Hadoop with ClouderaCaserta
 
10 Keys to Data-Centric Security
10 Keys to Data-Centric Security10 Keys to Data-Centric Security
10 Keys to Data-Centric SecuritySirius
 
Seven Key Elements of a Successful Encryption Strategy
Seven Key Elements of a Successful Encryption StrategySeven Key Elements of a Successful Encryption Strategy
Seven Key Elements of a Successful Encryption StrategySirius
 
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...Ulf Mattsson
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.pptAeman Khan
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security pptLipsita Behera
 

Viewers also liked (10)

4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
 
myCVmaged
myCVmagedmyCVmaged
myCVmaged
 
SQL Server 2008 Security Overview
SQL Server 2008 Security OverviewSQL Server 2008 Security Overview
SQL Server 2008 Security Overview
 
How to Approach the NYDFS Proposed Cybersecurity Requirements
How to Approach the NYDFS Proposed Cybersecurity RequirementsHow to Approach the NYDFS Proposed Cybersecurity Requirements
How to Approach the NYDFS Proposed Cybersecurity Requirements
 
Data Governance, Compliance and Security in Hadoop with Cloudera
Data Governance, Compliance and Security in Hadoop with ClouderaData Governance, Compliance and Security in Hadoop with Cloudera
Data Governance, Compliance and Security in Hadoop with Cloudera
 
10 Keys to Data-Centric Security
10 Keys to Data-Centric Security10 Keys to Data-Centric Security
10 Keys to Data-Centric Security
 
Seven Key Elements of a Successful Encryption Strategy
Seven Key Elements of a Successful Encryption StrategySeven Key Elements of a Successful Encryption Strategy
Seven Key Elements of a Successful Encryption Strategy
 
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
Myths and realities of data security and compliance - Isaca Alanta - ulf matt...
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.ppt
 
Cyber crime and security ppt
Cyber crime and security pptCyber crime and security ppt
Cyber crime and security ppt
 

Similar to Ensuring Security and Compliance in a Data Deluge

On Common Ground: The Overlap of PCI DSS and Data Protection
On Common Ground: The Overlap of PCI DSS and Data ProtectionOn Common Ground: The Overlap of PCI DSS and Data Protection
On Common Ground: The Overlap of PCI DSS and Data ProtectionTripwire
 
Supercharging SIEM with Change & Configuration Data
Supercharging SIEM with Change & Configuration DataSupercharging SIEM with Change & Configuration Data
Supercharging SIEM with Change & Configuration DataTripwire
 
dlp-sales-play-sales-customer-deck-2022.pptx
dlp-sales-play-sales-customer-deck-2022.pptxdlp-sales-play-sales-customer-deck-2022.pptx
dlp-sales-play-sales-customer-deck-2022.pptxalex hincapie
 
Privacy Preserved Data Augmentation using Enterprise Data Fabric
Privacy Preserved Data Augmentation using Enterprise Data FabricPrivacy Preserved Data Augmentation using Enterprise Data Fabric
Privacy Preserved Data Augmentation using Enterprise Data FabricAtif Shaikh
 
Technical track chris calvert-1 30 pm-issa conference-calvert
Technical track chris calvert-1 30 pm-issa conference-calvertTechnical track chris calvert-1 30 pm-issa conference-calvert
Technical track chris calvert-1 30 pm-issa conference-calvertISSA LA
 
RSA 2006 - Visual Security Event Analysis
RSA 2006 - Visual Security Event AnalysisRSA 2006 - Visual Security Event Analysis
RSA 2006 - Visual Security Event AnalysisRaffael Marty
 
IT Operation Analytic for security- MiSSconf(sp1)
IT Operation Analytic for security- MiSSconf(sp1)IT Operation Analytic for security- MiSSconf(sp1)
IT Operation Analytic for security- MiSSconf(sp1)stelligence
 
apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...
apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...
apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...apidays
 
How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?IBM Security
 
IDS for Security Analysts: How to Get Actionable Insights from your IDS
IDS for Security Analysts: How to Get Actionable Insights from your IDSIDS for Security Analysts: How to Get Actionable Insights from your IDS
IDS for Security Analysts: How to Get Actionable Insights from your IDSAlienVault
 
GTB - Protecting PII in the EU
GTB - Protecting PII in the EUGTB - Protecting PII in the EU
GTB - Protecting PII in the EUVCW Security Ltd
 
Anomaly Detection and You
Anomaly Detection and YouAnomaly Detection and You
Anomaly Detection and YouMary Kelly Rich
 
Preventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log ManagementPreventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log ManagementNovell
 
3rd Party Risk: Practical Considerations for Privacy & Security Due Diligence
3rd Party Risk: Practical Considerations for Privacy & Security Due Diligence3rd Party Risk: Practical Considerations for Privacy & Security Due Diligence
3rd Party Risk: Practical Considerations for Privacy & Security Due DiligenceResilient Systems
 
Big data security the perfect storm
Big data security   the perfect stormBig data security   the perfect storm
Big data security the perfect stormUlf Mattsson
 
Electronic Data Discovery
Electronic Data DiscoveryElectronic Data Discovery
Electronic Data DiscoveryCarahsoft
 
Chanchal Chatterjee PARTNERS 2017 Oct24
Chanchal Chatterjee PARTNERS 2017 Oct24Chanchal Chatterjee PARTNERS 2017 Oct24
Chanchal Chatterjee PARTNERS 2017 Oct24Chanchal Chatterjee
 
Information Management in a Web 2.0 World May 2009
Information Management in a Web 2.0 World May 2009Information Management in a Web 2.0 World May 2009
Information Management in a Web 2.0 World May 2009Collabor8now Ltd
 

Similar to Ensuring Security and Compliance in a Data Deluge (20)

On Common Ground: The Overlap of PCI DSS and Data Protection
On Common Ground: The Overlap of PCI DSS and Data ProtectionOn Common Ground: The Overlap of PCI DSS and Data Protection
On Common Ground: The Overlap of PCI DSS and Data Protection
 
Supercharging SIEM with Change & Configuration Data
Supercharging SIEM with Change & Configuration DataSupercharging SIEM with Change & Configuration Data
Supercharging SIEM with Change & Configuration Data
 
dlp-sales-play-sales-customer-deck-2022.pptx
dlp-sales-play-sales-customer-deck-2022.pptxdlp-sales-play-sales-customer-deck-2022.pptx
dlp-sales-play-sales-customer-deck-2022.pptx
 
Privacy Preserved Data Augmentation using Enterprise Data Fabric
Privacy Preserved Data Augmentation using Enterprise Data FabricPrivacy Preserved Data Augmentation using Enterprise Data Fabric
Privacy Preserved Data Augmentation using Enterprise Data Fabric
 
Technical track chris calvert-1 30 pm-issa conference-calvert
Technical track chris calvert-1 30 pm-issa conference-calvertTechnical track chris calvert-1 30 pm-issa conference-calvert
Technical track chris calvert-1 30 pm-issa conference-calvert
 
RSA 2006 - Visual Security Event Analysis
RSA 2006 - Visual Security Event AnalysisRSA 2006 - Visual Security Event Analysis
RSA 2006 - Visual Security Event Analysis
 
IT Operation Analytic for security- MiSSconf(sp1)
IT Operation Analytic for security- MiSSconf(sp1)IT Operation Analytic for security- MiSSconf(sp1)
IT Operation Analytic for security- MiSSconf(sp1)
 
apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...
apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...
apidays LIVE London 2021 - Securing PII at runtime by Rob Dickinson, Resurfac...
 
How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?
 
IDS for Security Analysts: How to Get Actionable Insights from your IDS
IDS for Security Analysts: How to Get Actionable Insights from your IDSIDS for Security Analysts: How to Get Actionable Insights from your IDS
IDS for Security Analysts: How to Get Actionable Insights from your IDS
 
SLAS Informatics SIG: SLAS2013 Presentation
SLAS Informatics SIG: SLAS2013 PresentationSLAS Informatics SIG: SLAS2013 Presentation
SLAS Informatics SIG: SLAS2013 Presentation
 
GTB - Protecting PII in the EU
GTB - Protecting PII in the EUGTB - Protecting PII in the EU
GTB - Protecting PII in the EU
 
Anomaly Detection and You
Anomaly Detection and YouAnomaly Detection and You
Anomaly Detection and You
 
Preventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log ManagementPreventing The Next Data Breach Through Log Management
Preventing The Next Data Breach Through Log Management
 
BREACHED: Data Centric Security for SAP
BREACHED: Data Centric Security for SAPBREACHED: Data Centric Security for SAP
BREACHED: Data Centric Security for SAP
 
3rd Party Risk: Practical Considerations for Privacy & Security Due Diligence
3rd Party Risk: Practical Considerations for Privacy & Security Due Diligence3rd Party Risk: Practical Considerations for Privacy & Security Due Diligence
3rd Party Risk: Practical Considerations for Privacy & Security Due Diligence
 
Big data security the perfect storm
Big data security   the perfect stormBig data security   the perfect storm
Big data security the perfect storm
 
Electronic Data Discovery
Electronic Data DiscoveryElectronic Data Discovery
Electronic Data Discovery
 
Chanchal Chatterjee PARTNERS 2017 Oct24
Chanchal Chatterjee PARTNERS 2017 Oct24Chanchal Chatterjee PARTNERS 2017 Oct24
Chanchal Chatterjee PARTNERS 2017 Oct24
 
Information Management in a Web 2.0 World May 2009
Information Management in a Web 2.0 World May 2009Information Management in a Web 2.0 World May 2009
Information Management in a Web 2.0 World May 2009
 

More from Tripwire

Data Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data PrivacyData Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data PrivacyTripwire
 
Key Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsKey Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsTripwire
 
Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire
 
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire
 
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through Tripwire
 
Tripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase ColeTripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase ColeTripwire
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire
 
World Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest CelebrationWorld Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest CelebrationTripwire
 
Tripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key FindingsTripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key FindingsTripwire
 
Key Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact ReportKey Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact ReportTripwire
 
The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!Tripwire
 
Industrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT CollaborationIndustrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT CollaborationTripwire
 
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...Tripwire
 
Tripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key FindingsTripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key FindingsTripwire
 
A Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber MomentsA Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber MomentsTripwire
 
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTime for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTripwire
 
Tripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key FindingsTripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key FindingsTripwire
 
Defend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK FrameworkDefend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK FrameworkTripwire
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksTripwire
 
Jumpstarting Your Cyberdefense Machine with the CIS Controls V7
 Jumpstarting Your Cyberdefense Machine with the CIS Controls V7 Jumpstarting Your Cyberdefense Machine with the CIS Controls V7
Jumpstarting Your Cyberdefense Machine with the CIS Controls V7Tripwire
 

More from Tripwire (20)

Data Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data PrivacyData Privacy Day 2022: Tips to Ensure Data Privacy
Data Privacy Day 2022: Tips to Ensure Data Privacy
 
Key Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The ExpertsKey Challenges Facing IT/OT: Hear From The Experts
Key Challenges Facing IT/OT: Hear From The Experts
 
Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo Tripwire Energy Working Group: TIV Demo
Tripwire Energy Working Group: TIV Demo
 
Tripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale PetersonTripwire Energy Working Group Session w/Dale Peterson
Tripwire Energy Working Group Session w/Dale Peterson
 
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
Tripwire Energy Working Group: CIP Solutions and Baseline Walk-Through
 
Tripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase ColeTripwire Energy Working Group: Customer Session with Chase Cole
Tripwire Energy Working Group: Customer Session with Chase Cole
 
Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller Tripwire Energy Working Group: Keynote w/Patrick Miller
Tripwire Energy Working Group: Keynote w/Patrick Miller
 
World Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest CelebrationWorld Book Day: Cybersecurity’s Quietest Celebration
World Book Day: Cybersecurity’s Quietest Celebration
 
Tripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key FindingsTripwire Retail Security 2020 Survey: Key Findings
Tripwire Retail Security 2020 Survey: Key Findings
 
Key Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact ReportKey Findings: Tripwire COVID-19 Cybersecurity Impact Report
Key Findings: Tripwire COVID-19 Cybersecurity Impact Report
 
The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!The Adventures of Captain Tripwire: Coloring Book!
The Adventures of Captain Tripwire: Coloring Book!
 
Industrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT CollaborationIndustrial Cybersecurity: Practical Tips for IT & OT Collaboration
Industrial Cybersecurity: Practical Tips for IT & OT Collaboration
 
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
The Adventures of Captain Tripwire #1: Captain Tripwire Faces the Indefensibl...
 
Tripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key FindingsTripwire 2019 Skills Gap Survey: Key Findings
Tripwire 2019 Skills Gap Survey: Key Findings
 
A Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber MomentsA Look Back at 2018: The Most Memorable Cyber Moments
A Look Back at 2018: The Most Memorable Cyber Moments
 
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass AuditsTime for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
Time for Your Compliance Check-Up: How Mercy Health Uses Tripwire to Pass Audits
 
Tripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key FindingsTripwire State of Cyber Hygiene 2018 Report: Key Findings
Tripwire State of Cyber Hygiene 2018 Report: Key Findings
 
Defend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK FrameworkDefend Your Data Now with the MITRE ATT&CK Framework
Defend Your Data Now with the MITRE ATT&CK Framework
 
Defending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber AttacksDefending Critical Infrastructure Against Cyber Attacks
Defending Critical Infrastructure Against Cyber Attacks
 
Jumpstarting Your Cyberdefense Machine with the CIS Controls V7
 Jumpstarting Your Cyberdefense Machine with the CIS Controls V7 Jumpstarting Your Cyberdefense Machine with the CIS Controls V7
Jumpstarting Your Cyberdefense Machine with the CIS Controls V7
 

Recently uploaded

Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...Product School
 
"Platform Engineering with Development Containers", Igor Fesenko
"Platform Engineering with Development Containers", Igor Fesenko"Platform Engineering with Development Containers", Igor Fesenko
"Platform Engineering with Development Containers", Igor FesenkoFwdays
 
Dynamical systems simulation in Python for science and engineering
Dynamical systems simulation in Python for science and engineeringDynamical systems simulation in Python for science and engineering
Dynamical systems simulation in Python for science and engineeringMassimo Talia
 
Are Human-generated Demonstrations Necessary for In-context Learning?
Are Human-generated Demonstrations Necessary for In-context Learning?Are Human-generated Demonstrations Necessary for In-context Learning?
Are Human-generated Demonstrations Necessary for In-context Learning?MENGSAYLOEM1
 
Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)
Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)
Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)Jay Zhao
 
Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31
Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31
Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31shyamraj55
 
From Challenger to Champion: How SpiraPlan Outperforms JIRA+Plugins
From Challenger to Champion: How SpiraPlan Outperforms JIRA+PluginsFrom Challenger to Champion: How SpiraPlan Outperforms JIRA+Plugins
From Challenger to Champion: How SpiraPlan Outperforms JIRA+PluginsInflectra
 
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...UiPathCommunity
 
Enterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book ReviewEnterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book ReviewAshraf Fouad
 
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptxThe Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptxNeo4j
 
Power of 2024 - WITforce Odyssey.pptx.pdf
Power of 2024 - WITforce Odyssey.pptx.pdfPower of 2024 - WITforce Odyssey.pptx.pdf
Power of 2024 - WITforce Odyssey.pptx.pdfkatalinjordans1
 
The Future of Product, by Founder & CEO, Product School
The Future of Product, by Founder & CEO, Product SchoolThe Future of Product, by Founder & CEO, Product School
The Future of Product, by Founder & CEO, Product SchoolProduct School
 
Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24
Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24
Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24Umar Saif
 
"AIRe - AI Reliability Engineering", Denys Vasyliev
"AIRe - AI Reliability Engineering", Denys Vasyliev"AIRe - AI Reliability Engineering", Denys Vasyliev
"AIRe - AI Reliability Engineering", Denys VasylievFwdays
 
HBR SERIES METAL HOUSED RESISTORS POWER ELECTRICAL ABSORBS HIGH CURRENT DURIN...
HBR SERIES METAL HOUSED RESISTORS POWER ELECTRICAL ABSORBS HIGH CURRENT DURIN...HBR SERIES METAL HOUSED RESISTORS POWER ELECTRICAL ABSORBS HIGH CURRENT DURIN...
HBR SERIES METAL HOUSED RESISTORS POWER ELECTRICAL ABSORBS HIGH CURRENT DURIN...htrindia
 
Relationship Counselling: From Disjointed Features to Product-First Thinking ...
Relationship Counselling: From Disjointed Features to Product-First Thinking ...Relationship Counselling: From Disjointed Features to Product-First Thinking ...
Relationship Counselling: From Disjointed Features to Product-First Thinking ...Product School
 
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)François
 
Launching New Products In Companies Where It Matters Most by Product Director...
Launching New Products In Companies Where It Matters Most by Product Director...Launching New Products In Companies Where It Matters Most by Product Director...
Launching New Products In Companies Where It Matters Most by Product Director...Product School
 
"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, Google
"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, Google"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, Google
"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, GoogleISPMAIndia
 
"Running Open-Source LLM models on Kubernetes", Volodymyr Tsap
"Running Open-Source LLM models on Kubernetes",  Volodymyr Tsap"Running Open-Source LLM models on Kubernetes",  Volodymyr Tsap
"Running Open-Source LLM models on Kubernetes", Volodymyr TsapFwdays
 

Recently uploaded (20)

Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...
Harnessing the Power of GenAI for Exceptional Product Outcomes by Booking.com...
 
"Platform Engineering with Development Containers", Igor Fesenko
"Platform Engineering with Development Containers", Igor Fesenko"Platform Engineering with Development Containers", Igor Fesenko
"Platform Engineering with Development Containers", Igor Fesenko
 
Dynamical systems simulation in Python for science and engineering
Dynamical systems simulation in Python for science and engineeringDynamical systems simulation in Python for science and engineering
Dynamical systems simulation in Python for science and engineering
 
Are Human-generated Demonstrations Necessary for In-context Learning?
Are Human-generated Demonstrations Necessary for In-context Learning?Are Human-generated Demonstrations Necessary for In-context Learning?
Are Human-generated Demonstrations Necessary for In-context Learning?
 
Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)
Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)
Leonis Insights: The State of AI (7 trends for 2023 and 7 predictions for 2024)
 
Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31
Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31
Unleash the Solace Pub Sub connector | Banaglore MuleSoft Meetup #31
 
From Challenger to Champion: How SpiraPlan Outperforms JIRA+Plugins
From Challenger to Champion: How SpiraPlan Outperforms JIRA+PluginsFrom Challenger to Champion: How SpiraPlan Outperforms JIRA+Plugins
From Challenger to Champion: How SpiraPlan Outperforms JIRA+Plugins
 
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...
 
Enterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book ReviewEnterprise Architecture As Strategy - Book Review
Enterprise Architecture As Strategy - Book Review
 
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptxThe Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
The Art of the Possible with Graph by Dr Jim Webber Neo4j.pptx
 
Power of 2024 - WITforce Odyssey.pptx.pdf
Power of 2024 - WITforce Odyssey.pptx.pdfPower of 2024 - WITforce Odyssey.pptx.pdf
Power of 2024 - WITforce Odyssey.pptx.pdf
 
The Future of Product, by Founder & CEO, Product School
The Future of Product, by Founder & CEO, Product SchoolThe Future of Product, by Founder & CEO, Product School
The Future of Product, by Founder & CEO, Product School
 
Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24
Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24
Progress Report: Ministry of IT under Dr. Umar Saif Aug 23-Feb'24
 
"AIRe - AI Reliability Engineering", Denys Vasyliev
"AIRe - AI Reliability Engineering", Denys Vasyliev"AIRe - AI Reliability Engineering", Denys Vasyliev
"AIRe - AI Reliability Engineering", Denys Vasyliev
 
HBR SERIES METAL HOUSED RESISTORS POWER ELECTRICAL ABSORBS HIGH CURRENT DURIN...
HBR SERIES METAL HOUSED RESISTORS POWER ELECTRICAL ABSORBS HIGH CURRENT DURIN...HBR SERIES METAL HOUSED RESISTORS POWER ELECTRICAL ABSORBS HIGH CURRENT DURIN...
HBR SERIES METAL HOUSED RESISTORS POWER ELECTRICAL ABSORBS HIGH CURRENT DURIN...
 
Relationship Counselling: From Disjointed Features to Product-First Thinking ...
Relationship Counselling: From Disjointed Features to Product-First Thinking ...Relationship Counselling: From Disjointed Features to Product-First Thinking ...
Relationship Counselling: From Disjointed Features to Product-First Thinking ...
 
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)
Mind your App Footprint 🐾⚡️🌱 (@FlutterHeroes 2024)
 
Launching New Products In Companies Where It Matters Most by Product Director...
Launching New Products In Companies Where It Matters Most by Product Director...Launching New Products In Companies Where It Matters Most by Product Director...
Launching New Products In Companies Where It Matters Most by Product Director...
 
"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, Google
"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, Google"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, Google
"The Transformative Power of AI and Open Challenges" by Dr. Manish Gupta, Google
 
"Running Open-Source LLM models on Kubernetes", Volodymyr Tsap
"Running Open-Source LLM models on Kubernetes",  Volodymyr Tsap"Running Open-Source LLM models on Kubernetes",  Volodymyr Tsap
"Running Open-Source LLM models on Kubernetes", Volodymyr Tsap
 

Ensuring Security and Compliance in a Data Deluge

  • 3. Barriers Expanding threat Market is consolidating Existing technology To Success landscape; more and leaning on isn’t providing cybercrime with strategic vendor expected ROI, sophisticated relationships to is too expensive and adversaries reduce TCO complex, and only of existing solutions delivers data
  • 4. Barriers Expanding threat Market is consolidating Existing technology To Success landscape; more and leaning on isn’t providing cybercrime with strategic vendor expected ROI, sophisticated relationships to is too expensive and adversaries reduce TCO complex, and only of existing solutions delivers data
  • 5.  Don’t know what I don’t know Prevent Outages  Too much data to sift through Protect Sensitive Data  Cost of being secure, compliant and efficient is too high and labor intensive Prove Compliance
  • 6.  Don’t know what I don’t know Prevent Outages  Too much data to sift through Protect Sensitive Data  Cost of being secure, compliant and efficient is too high and labor intensive Prove Compliance
  • 11. OPERATIONS SECURITY Longer MTTR $$$$ Unplanned Work Shareholder Value Budget Pressure Branding
  • 12. No Visibility Drifting Desired State High-risk Temporary Success Time
  • 13. Raw Log Data No Change Intelligence Detect Change  Good & Bad No Security Data Landfill So What! Report Change  Good & Bad
  • 14. The lack of compliance in PCI DSS Requirement 11 …. Knowing (not just recording) what is actually occurring within networks and systems is …. critical. 2010
  • 15. Raw Log Data Event Event Correlation Alerts Too Many Alerts Too Investigate Miss Complex Scenarios
  • 16. Were changes made? Who made them? Did they enable events?
  • 17. Were changes made? Who made them? Did they enable events? FTP Enabled
  • 18. Were changes made? Who made them? Did they enable events? FTP Enabled 10 failed logins
  • 19. Were changes made? Who made them? Did they enable events? FTP Enabled 10 failed logins FTP event to foreign IP
  • 20. Were changes made? Who made them? Did they enable events? FTP Enabled Login successful 10 failed logins FTP event to foreign IP
  • 21. Problem Discovery Long time to discover breach
  • 22. Problem Discovery
  • 24. “We consistently find that nearly 90% of the time logs are available but discovery [of breaches] via log analysis remains under 5% ” 2010
  • 25. A Better Approach VISIBILITY INTELLIGENCE AUTOMATION Across the entire Enable better, Reduce manual, IT infrastructure faster decisions repetitive tasks
  • 26. Raw Log Data Am I Secure? Is Policy Impacted? change event log event Events of Interest!
  • 27. Raw Log Data Dynamic Policy Testing Auto-retest to policy Change Process Analysis Close breach-to-discovery time gap  Immediate time-to-value Reconcile toto usual Business Authorization Exclusive as Tripwire! Change windows User ID Multiple conditions
  • 29. Raw Log Data Normalization & Correlation • High Speed Log Archival • Events of Interest • Google like Index • Structured Data • Fast Search • Complex Reporting • Intelligent Reporting • Data visualization
  • 30. 5 failed logins Login successful Windows event log cleared Logging turned off Host not generating events Policy test fails
  • 32. Maintain Desired State Non-stop monitoring & collection Dynamic analysis to find suspicious activities Assess & Achieve Alert on impact to policy Remediate options to speed remedy Time
  • 33. Correlate to Correlate to Bad Changes Suspicious Events
  • 35. Change, Breaches, Audits and Outages Happen. TAKE CONTROL. Tripwire is a leading global provider of IT security and compliance automation solutions that enable organizations to protect, control and audit their entire IT infrastructure
  • 36. Answers For Your Questions

Editor's Notes

  1. TZ: Ed, what exactly is this “data deluge problem?’Ed: Over the last several years many organizations have put collection systems in place to meet PCI requirements. They put in log management and FIM along with other security tools. And they have been collecting a ton of data ever since. So they have plenty of data to meet compliance requirements. But the problem is they have too much data for it to be useful. And it is almost impossible to quickly know if any of the data is indicating a security issue. It’s like trying to find a single land-mine in a massive land-fill before it goes off and caused damage.TZ (to transition to next): and this here is some data to show what the “deluge” actually means in terms of volume.
  2. TZ (to talk to this slide). TZ (to transition to next slide – TZ to ask Ed): So what is the challenge of security and compliance information being trapped in this big, what you called a “landfill”?
  3. ER: The cost of this time delay is enormous.These organizations not only suffer monetarily, their “mojo” is also badly damaged.They loose shareholder trust and value.Their name remains in the press and presentation like this for a very long time.TZ (to transition to next slide): Going back to our title which is about ensuring security and compliance in light of this vast sea of data, we at Tripwire offer a Pragmatic approach to compliance and security. Let’s spend a moment talking about what that means.
  4. Having tools in place that just capture the things that are changing does not help close the time gap problem.Capturing data is NOT the same as knowing when something BAD is happening.And isolating the bad from the good is what is needed to make it possible to find and fix bad events within minutes of them happening.
  5. Automated help is needed to enable these organizations to more quickly know their data is at risk due to a breach activity.They need to close the breach to discover time gap.
  6. Automated help is needed to enable these organizations to more quickly know their data is at risk due to a breach activity.They need to close the breach to discover time gap.
  7. ER: You have to collect the data. That has always been a requirement. The problem has been that far too many merchants ended their PCI projects at this point. How you collect is important. That’s something you need to look at. But you cannot stop here. You must also have an automated way to analyze the data to determine if security issue exist.TZ (to transition): can you talk more about what actually means?
  8. TZ: Ed, what exactly is this “data deluge problem?’Ed: Over the last several years many organizations have put collection systems in place to meet PCI requirements. They put in log management and FIM along with other security tools. And they have been collecting a ton of data ever since. So they have plenty of data to meet compliance requirements. But the problem is they have too much data for it to be useful. And it is almost impossible to quickly know if any of the data is indicating a security issue. It’s like trying to find a single land-mine in a massive land-fill before it goes off and caused damage.TZ (to transition to next): and this here is some data to show what the “deluge” actually means in terms of volume.
  9. This graphic shows how the ChangeIQ capability of Tripwire Enterprise works.Dynamic Policy Testing: Change to configuration settings triggers an automatic retesting of each setting to what policy defines it should be. If any settings fails it testing as a result of the detected change an alert is issues and remediation advice is provided to return the setting to an approved state.Change Process Analysis: High-risk changes are dynamically compared to any number of change process criteria to determine if the change meets that criteria and, therefore, typical and expected. If it meets any of the criteria the change is promoted to the change database. If it does not meet any of the criteria an alert is issued. Detailed change property information is then available to speed corrective action.Reconcile to Authorization: Specific changes can be automatically compared to Request For Change authorization tickets.
  10. The result of ChangeIQ is this, the majority of detected changes can be intelligently filtered from further investigation.Leaving only those changes that have caused a policy violation or for other reasons are suspicious and need additional investigation.
  11. This graphic shows the Tripwire Log Center architecture for managing and archiving log events as well as dynamically correlating suspicious log activity through its event management capabilities..As log events flow into Tripwire Log Center they are stored and managed in a flat-file data store (which is similar to how Google works).This allows extremely fast and global search across the entire log data store.And at the same time, as the log events flow into the system they are dynamically normalized and correlated in memory to spot specific sequences of events that pose a known threat to the environment – Event Management.Any of these events of interest are also written to a built-in relational database for complex reporting and data virtualization requirements.
  12. The result of Event Management is this, the majority of detected log events can be intelligently filtered from further investigation.Leaving only those events that have are suspicious, based on rules, and need additional investigation.ER: This is really what you want to know. 5 failed logins on it’s own followed by a successful login is probably a medium to low alert. In fact, this is so common it’s contributing to SIEM overload. But, getting an unrelated alert for each one of these every step along the way won’t help. We think you need this context to see all of these happening in concert so you can quickly see these complicated patterns that impact security. TZ (to transition to next slide): so what does Tripwire do to help solve this?
  13. Tripwire VIA delivers intelligent threat control by providing…Visibility across your infrastructure to know what is happening at all times.Intelligence to know which changes or events are suspect and may put your infrastructure and data at risk of compromise.Automation to help you to categorize high risk changes and events, remediate certain conditions, and automate compliance requirements such as reporting.