This document appears to be from a presentation on the topic of how security and compliance efforts are related. It includes polls for attendees on topics such as what regulations their organization needs to comply with, how often they have audits, whether security teams spend too much time on audits, and how aligned security and compliance efforts are. It also includes polls about executive support, how compliance requirements drive budgets, what percentage of security operations are automated, and what types of tools organizations have invested in.

1. Compliance: What Does Security
Have To Do With It?
Thank you for joining us.
The webinar will start shortly.
© nCircle 2012. All rights reserved.

2. Compliance: What Does Security
Have To Do With It?
© nCircle 2012. All rights reserved.

3. Introductions: Panelists
Rodney Brown
CISSP, GIAC GISP, ITILv3
Andrew Storms Shelley Boose
Dir. Security Operations Dir., Public Relation
nCircle
Tim Erlin Elizabeth Ireland
Dir., IT Security and Risk Strategy VP, Marketing
nCircle
3 © nCircle 2012 All rights reserved. nCircle Company Confidential

4. Which compliance regulations does your
organization need to comply with? (check all that
apply)
 SOX
 NERC
 FISMA
 HIPAA
 PCI
 GLBA
 PIPEDA
 Too many to name
4 © nCircle 2012 All rights reserved. nCircle Company Confidential

5. How often does your organization have audits?
 Annually
 Quarterly
 Monthly
 Auditors live here
5 © nCircle 2012 All rights reserved. nCircle Company Confidential

6. Does your security team spend too much time on
audit requests?
 Seems like that’s all we do
 Audit requests take at more than half of our time
 Occasional resource problem
 We have plenty of resources to do both
6 © nCircle 2012 All rights reserved. nCircle Company Confidential

7. In your experience, how aligned are security and
compliance efforts?
 Mostly aligned
 Somewhat aligned
 Barely related
7 © nCircle 2012 All rights reserved. nCircle Company Confidential

8. Does your security team have the necessary
executive support?
 Yes
 No
 What executive support?
8 © nCircle 2012 All rights reserved. nCircle Company Confidential

9. In your organization, do security efforts suffer
because compliance requirements drive the
budget?
 Yes
 No
9 © nCircle 2012 All rights reserved. nCircle Company Confidential

10. What percentage of your security operations
program is automated?
 25% or less
 26 – 50%
 more than 50%
10 © nCircle 2012 All rights reserved. nCircle Company Confidential

11. In which of the following types of tools has your
organization invested the most budget?
 Vulnerability management
 Configuration auditing
 Patch management
 Identity and access management
 Antivirus and endpoint protection
 Penetration testing
 Malware detection
 Data loss prevention
 Governance risk and compliance
 Other
11 © nCircle 2012 All rights reserved. nCircle Company Confidential

12. What’s the next major tool investment your
organization has planned?
 Vulnerability management
 Configuration auditing
 Patch management
 Identity and access management
 Antivirus and endpoint protection
 Penetration testing
 Malware detection
 Data loss prevention
 Governance risk and compliance
 Other
12 © nCircle 2012 All rights reserved. nCircle Company Confidential

13. Thank you for participating!
Continue the conversation in our online community
connect.ncircle.com
13 © nCircle 2012 All rights reserved. nCircle Company Confidential