Capgemini's vision for cybersecurity is to reduce risks from IT use by making prudent choices. Their mission is to deliver convenient, cost-effective cybersecurity services that adapt to clients' changing needs. They focus on identity and access management, which is the cornerstone of effective security. Capgemini uses a strategic approach to balance security, costs, and business needs. Their Identity and Access Management strategy aims to make security processes largely automated and risk-based.

1. IAM and Cybersecurity
June 2016

2. 2Copyright © Capgemini 2016. All Rights Reserved
The Value of Collaboration
Capgemini’s vision and mission
 Cybersecurity Vision
As a Global leader in IT, Capgemini’s
vision on Cyber Security is to de-risk
the use of information technology by
making the right choices. We believe
that Cybersecurity delivers business
value and focuses upon things that
really matters. Cybersecurity is flexible
and enables the business to grow fast,
but securely. Prevention, Monitoring
and Detection are key, however only
effective if a security baseline has
been established and is defined what
good looks like.
 Cybersecurity Mission
Our mission is to deliver the most
convenient, invisible, cost effective,
pragmatic and reliable cybersecurity
services to run clients’ business. We
are committed to constantly adapt new
technologies and ways of work to
improve our services and ensure
continuous alignment with our clients
businesses.

3. 3Copyright © Capgemini 2016. All Rights Reserved
The Value of Collaboration
Strategic Focus Points
 It’s impossible to protect everything. Focus upon ‘things’ that really matters,
e.g. crown jewels.
 Constantly question the business value of security measures enabling an
effective balance between risk, costs and benefits
 Prevention without monitoring and detection is not effective and monitoring
and detection is only effective when is known how good looks like.
 Identity and Account lifecycle Management is the cornerstone for Cyber
Security.
 Cyber Security must transform from the fortress model into the airport model
and a transition plan must be in place.
 Outsourcing security is increasing the overall quality of security
 During the transition phase, a fallback plan must be in place

4. 4Copyright © Capgemini 2016. All Rights Reserved
The Value of Collaboration
Identity & Access Management Strategy
 IAM is highly ‘invisible’ for the business:
 Reviews or certifications will be replaced by rules and risk scores
 Compliance is an automated daily activity including remediation
(continuous assurance)
 Access Rights are provisioned (and de-provisioned) automatically
 It’s clear for every rule which risk is mitigated by that specific rule.
 Manual activities are kept to an absolute minimum (approvals etc.)
 IAM is the cornerstone of Cyber Security and is configured to enables the
effective use of prevention, monitoring and detection technology
 Dynamic risk management (attribute and context based) is integrated in
Access Management and analytics are used to dynamically determine risk
levels/scores
 Privileged (non personal) Accounts and managed separately.
 IAM actually need to be seen as EAM (Entity Access Management)

5. 5Copyright © Capgemini 2016. All Rights Reserved
The Value of Collaboration
To increase the effectiveness of IAM, we add the intelligence
functionality to the more classic administrative and access functions
IAM Systems Risk policies determine
risk within each IAM function
User Entity Behaviour Analytics
Behaviour
Analytics
Engine
Risk
Analytic
s Engine
Context Risk score
People -> Devices -> Location ”Identity Context” Time -> Network -> Resource
SOC Asset Data ”User Behavior Context” Threat Intell Data in motion
Audit
Intelligence
Analytics
Authentication
Access
Authorizations
Identities
Administration
Entitlements
Identity & Entitlement Data
Roles
Risk Scores Context
Risk
Scores
Entitlements

6. 6Copyright © Capgemini 2016. All Rights Reserved
The Value of Collaboration
Capgemini Approach
Centralized
Identity Store
Self
service
Role
management
Compliance
reporting
Automated
provisioning Policy
management
Authorization
lifecycle
Risk
managementSecurity
User
experience
Single
Sign On
Access
management
Federation
Privileged
accounts
Identity
lifecycle
Review
attestation

7. 7Copyright © Capgemini 2016. All Rights Reserved
The Value of Collaboration
IAM Operational KPI’s (Examples)
 # of password resets per month
 Average # of distinct accounts per user (and deviations)
 # of orphan accounts per system
 # of unknown identities (lacking info/ ‘ownership’)
 # of active identities already left the company
 # of active accounts of people left the company
 # of new accounts provisioned per time period
 Average lead time to (de-)provision users
 Average time to change user access rights
 Response % regarding attestation/certification
 # of exceptions generated per attestation/certification
 # of reconciliation issues (for offline systems)
 # of SoD conflicts
 Specific Identity quality KPI’s:
• E-mail lacking
• No line manager
• No department
• Etc. etc
 Risk Management KPI’s:
• % of people with High Risk access level
• Etc.
 User Behaviour KPI.s:
• Logon attemps
• Last Logon’s
• Out of office hours logons
• Etc.etc.

8. 8Copyright © Capgemini 2016. All Rights Reserved
The Value of Collaboration
IAM FastTrack
 Do you recognize this?
 Why Capgemini FastTrack?
 Transforming IAM implementations
 FastTrack USP’s

9. 9Copyright © Capgemini 2016. All Rights Reserved
The Value of Collaboration
Do you recognize this?
 There’s a need for IAM, but due to complexity and lack of proper
approach it is delayed.
 No clear view on End User licenses.
 Audit, regulatory and compliance is important and a huge mostly
manual job.
 End users are complaining about the access management processes.
 On, off and through boarding processes are causing problems.
 Risk Management controls must be improved.
 Insight in who has got what is lacking and (thus) money is not being
spend efficiently.
 Responsibilities are complex to enforce because overviews are
lacking.
 Various Identity Sources or Directory environments are present and not
synchronized

10. 10Copyright © Capgemini 2016. All Rights Reserved
The Value of Collaboration
Why Capgemini FastTrack?
IAM projects are notorious when it comes to delivering on time, within budget and
delivering what is required.
At Capgemini, we have decided that it’s time to change! Therefore the FastTrack
concept has been developed.
FastTrack is about getting an overview of the ‘As-Is’ situation as soon as possible and
using the actual data (facts) to determine the strategy, roadmap, business case etc.
 Avoiding high costs on feasibility studies etc.
 Enabling ‘in control’ rapidly and managing security risks
 Determine possible cost reductions

11. 11Copyright © Capgemini 2016. All Rights Reserved
The Value of Collaboration
Transforming IAM implementations
Traditional IAM program
6 weeks
Engagement Policies Design
Vision Validation
Strategy
&
Roadma
p
Business benefits Implementation
FastTrack Insight FastTrack Implementation
IDaaS – Identity Governance & Administration as a Service
Implementation

12. 12Copyright © Capgemini 2016. All Rights Reserved
The Value of Collaboration
IAM FastTrack USP’s
 Results in days instead of months
 Delivering an IAM Business Case, Strategy and Roadmap based upon facts.
 Harvesting low hanging fruit within days
 Providing insight in actual access rights and active identities
 Head start for any IAM project and unique opportunity to test one of the best IAM
tools available
 Business facing functionalities available right from the start. IAM tool is pre-
configured by Capgemini.
 Fixed price for 6 weeks and concrete deliverables
 Unique option to use the IAM tool in the ‘As a Service’ model (pay per use)
 Focusing upon the business and not upon tooling

13. 13Copyright © Capgemini 2016. All Rights Reserved
The Value of Collaboration
Unique Selling Points
 IDaaS by Capgemini is unique! There are no other vendors who can deliver the entire
Identity & Access Control stack in the as a Service model!
 IAM FastTrack is unique! An agile IAM project approach, delivering results in days
instead of months/years.
 Avoiding high costs on feasibility studies, workshops etc.
 Leveraging the experience and expertise of Capgemini
 Business benefits are delivered within weeks! i.e. Cost Savings, end user experience
etc.
 Compliance reports and mitigation plans to be executed in weeks.

14. The information contained in this presentation is proprietary.
© 2016 Capgemini. All rights reserved.
www.capgemini.com
About Capgemini
With more than 180,000 people in over 40 countries, Capgemini is
one of the world's foremost providers of consulting, technology and
outsourcing services. The Group reported 2015 global revenues of
EUR 11.9 billion. Together with its clients, Capgemini creates and
delivers business, technology and digital solutions that fit their
needs, enabling them to achieve innovation and competitiveness.
A deeply multicultural organization, Capgemini has developed its
own way of working, the Collaborative Business ExperienceTM, and
draws on Rightshore®, its worldwide delivery model.
Rightshore® is a trademark belonging to Capgemini