More Related Content
Similar to Global Thought Leadership Webcast Presentation
Similar to Global Thought Leadership Webcast Presentation (20)
More from Watchful Software
More from Watchful Software (17)
Global Thought Leadership Webcast Presentation
- 2. Introductions
Wednesday, June 22, 2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 2
Ken Baylor
Dr. Ken Baylor is recognized as a leader in Data Protection, Bank Security, Agile Information Security and
Regulatory Compliance and a Certified Information Systems Security Professional (CISSP) and a Certified
Information Systems Manager (CISM).
Amy Mushahwar
Experienced data privacy, security and management attorney with over fifteen years in the technology industry
in both legal and technical capacities. Defends companies in a variety of privacy-related matters including
security breach related litigation, flash cookie cases and call center compliance litigation.
BrandenWilliams
Dr. Branden R. Williams has nearly two decades of information security experience (in both Consulting and
CISO roles) and his business experience includes jump starting two consulting practices with 500%, and 200%
annual growth respectively; starting two businesses; leading and participating in M&A activities in his last three
positions; and building strategy for products and services.
- 3. Wednesday, June 22, 2016 © Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 3
Agenda
1 Introductions & “House Rules”
2 Evolution of information security focus
3 Why have a data classification policy?
4 Panel Discussion
5 KeyTakeaways
6 Q&A andWrap-up
- 4. Old approach—Protect the perimeter
Old approach—Protect the endpoint
Old approach—Protect ‘production’ (cloud)
New approach —Protect ‘the data’
Evolution of information security focus c
© Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 4Wednesday, June 22, 2016
- 5. X Data classification policies segment information stores
(documents, databases, log files) by risk.
X Risk correlates with mandatory controls for each category
X Prioritizes the security of data and data handling processes
X The highest risk data may include PII, PHI, and PCI data
X Keeps focus on data protection for the full data lifecycle
X Focus on highest risk data with RBAC, logging and encryption
Why have a data classification policy? s
© Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 5Wednesday, June 22, 2016
- 6. Who needs access and how much access?
How sensitive is the data?
What controls are appropriate for data
(MFA, IP address, logging)
Regular access reviews and data log audits
Role BasedAccess Control c
© Copyright www.watchfulsoftware.com. 2016 All Rights Reserved. 6Wednesday, June 22, 2016
- 7. Data Classification is a great way prioritize security focus in a world of data sprawl
Data Classification should guide network and security architecture
Focus on highest risk data with RBAC, logging and encryption
From a board perspective, data classification is a key priority
KeyTakeaways
7© Copyright www.watchfulsoftware.com. 2016 All Rights Reserved.Wednesday, June 22, 2016