Security – Invest Where it Matters Most
WWT SECURITY PRACTICE

Mario Balakgie

Copyright © 2013 World Wide Technology, Inc...

Presented at InnoTech Austin 2013. All rights reserved.

  • Tim: You can freestyle regarding how organizations responded to these threats
  • Tim: Trying to figure out who would want to attack a particular organization and why. Developing a strategic stance begins with the answers to those questions. Until you have a sound understanding of why, you’ll never be able to defend yourself effectively against targeted attacks. Targeted attacks are different from accidental hacks. A threat actor diligently seeks out a target to exploit for personal or financial gain, as opposed to a hacker getting lucky at an airport where he/she infects a random user with malware by spoofing a WiFi service. Are they interested in you because you have access to another organization that is a high value target, or are you the high value target? What are they really interested in? Money, intellectual property, trade secrets, access to other higher value targets, political information, crippling a country’s defenses in cyber warfare.
  • Security-Invest Where it Matters Most

    1. Security – Invest Where it Matters Most. WWT SECURITY PRACTICE. Mario Balakgie, Principal Security Consultant. 16 October 2013. Copyright © 2013 World Wide Technology, Inc. All rights reserved.
    2. “It takes twenty years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently.” – Warren Buffett
    3. THREATS of a Hyper-Connected World
        THREATS
        • Unsecured peer-to-peer access
        • Mobile Threats - malware and SMS fraud
        • Advanced Persistent Threats (APTs)
        • Non-malicious breaches
        • Denial of Service (DoS)
        EVOLUTION OF CONNECTIVITY
        • Local and wide area networks
        • Various flavors of Wi-Fi
        • Intelligent devices
        • Internet of things
        • Cloud technologies
    4. Measuring Up to the Challenge: The Path from Tactics to Strategy. History of Threat Evolution … and Threat Defense
        • 1990: Viruses and worms
        • 2000: Malware and phishing attacks
        • NOW: Cyber attack missions utilizing Advanced Persistent Threats (APT) have redefined the rules of engagement
    5. Tactical Approach Creates Unbalanced Response Posture: UNNECESSARY WEAKNESSES IN KEY AREAS OF VULNERABILITY
        • Key Assumption: Complete protection against all threats and vulnerabilities is beyond the tactical capabilities of most enterprise IT security programs.
        …Trying to do so generates a tactics-based response stance…
    6. Strategic Approach Creates Targeted Response Posture: STRENGTH IN AREAS OF CONCERN AND VULNERABILITY
        • The future of IT security requires an approach that assumes those who want to get in will get in.
        …With this in mind, your organization must embrace principles that guide a strategy – where do you invest?
    7. Cyber Security – A Strategic Imperative
        • Businesses Depend on Technology
            • Highly complex
            • A Boardroom level concern
        • Innovation
            • A constant factor with major effects
            • Challenges security management
        • Cyber Threats
            • It is the State-of-Affairs
            • Necessitates C-Suite decision-making and risk management
            • Requires new thinking for protection
            • Speed of action and ability to adapt is critical
    8. DIFFERENT ORGANIZATIONS • DIFFERENT VULNERABILITIES
    9. Cyber Readiness
        • Threat defense maturity model and gap analysis
        • Alignment with business priorities
        • Remediation recommendations as part of a risk-based security model
    10. BENEFIT: Your Defense Represents an Ongoing Alignment with Your Vulnerabilities
    11. How does an organization approach the security challenge and meet the never ending demand?
        • Determine Your Readiness
        • Commit to a Plan
        • Invest for Impact
    12. Determining Security Capability
        • “Capability” determination is the degree to which a process is:
            • Institutionalized – a process has been ingrained in the way work is defined, executed, and managed
            • Repeatable – a commitment and consistency to performing the security process
            • Expectation – you know what to expect in terms of organizational reaction and ability with high level of confidence
        • Value of knowing and managing readiness level is to answer important questions:
            • Can we effectively manage our security posture?
            • How do we maintain levels of protection and ultimately our success?
            • Are we adaptive to changing risk environments?
    13. Cyber Security Maturity Model: Systematically Build and Improve Enterprise Cyber Security Capabilities
        • Level 1, Initial: Dependent on heroics; institutional capabilities lacking, not of the organization
        • Level 2, Repeatable: Process established and repeating; reliance on people is reduced
        • Level 3, Defined: Policies, processes and standards defined and formalized across the organization
        • Level 4, Managed: Risks measured and managed quantitatively and aggregated on an enterprise-wide basis
        • Level 5, Optimized: Organization focused on continuous improvement of security risk management
        Diagram labels (as listed on the slide): Optimizing; Quantitative; Quantitative / Qualitative; Intuitive; Ad Hoc / Chaotic
    14. Example: Security Domains. Domains can be selected based on the organizational needs, business drivers, or identified as challenges.
        1. Cyber Security Policy
        2. Organization of Cyber Security
        3. Governance, Risk, and Compliance
        4. Asset and Information Management
        5. Operations Security
        6. Access Control
        7. Mobile Technology
        8. Breach Response
        9. Business Continuity
        10. Others as needed
    15. Example: Summary of Organization Score
        [Chart: Maturity Rating (scale 1 to 5) per Security Domain: Cyber Security Policy; Organization of Cyber Security; Governance, Risk, and Compliance; Asset and Information…; Operations Security; Access Control; Mobile Technology; Breach Response; Business Continuity; Overall]
        • Current Level: 2
        • Goal Level: 4.4
    16. Example: Operations Security
        [Chart: maturity rating (scale 1 to 5) for Documented Procedures; 3rd Party Management; System Plan & Acceptance; Malicious Code Protection; Backup Process; Network Security; Media Handling; Monitoring; Overall]
        • Current Level: 2
        • Goal Level: 5
        Key Observations
        • Network security function is fragmented between operations
        • Monitoring is mostly manual
        • System development not separated
        Actions to Reach Maturity Level 5
        1) Restructure monitoring roles and responsibilities
        2) Identify security technology to automate log and audits reviews
    17. Example: Access Control
        [Chart: maturity rating (scale 1 to 5) for Access Need Controls; User Access Mgt; User Responsibilities; Network Access; Operating System Access; Application Access; Overall]
        • Current Level: 2.3
        • Goal Level: 4.3
        Key Observations
        • Access procedures do not address urgent scenarios of termination
        • Privilege access wide and prevalent and lacks management
        Actions to Reach Maturity Level 4
        1) Review policy and implement strong well defined procedures
        2) Control privilege access and establish decision authority
    18. Example: Roadmap for Readiness Improvements
        [Diagram labels, as listed on the slide: Re-Evaluate Cyber Readiness and Maturity; Implement Medium Priority Capabilities; Security Capability; Monitor and Evaluate; Assess Compliance and Certify; Formalize Plan for Readiness Improvements; Implement High Priority Capabilities; Review Security Architecture. Timeline: 3 Months; 6 Months; 12+ Months]
    19. Summary: Make investments that matter the most!
        • Cyber Security is a Must for all businesses – it’s a question of readiness
        • Program effectiveness for enterprise-wide requires a process with structure and formal decision-making
        • Understand where you are today and where you want to go
    20. Questions? Thank you
