Download to read offline
More Related Content
Similar to NOS Webinar: Reduce Security Risks to Protect Your Network Final
NOS Webinar: Reduce Security Risks to Protect Your Network Final
- 1. #CiscoSmartTalk 1© 2015Cisco and/or its affiliates. All rights reserved. Reduce Security Risks to Protect Your Network Webinar will start at 12 pm EST Use the Question Pane in WebEx to ask questions. Join the live discussion on Twitter. Follow @CiscoServices and tweet #SmartTalk
- 2. #CiscoSmartTalk 2© 2015Cisco and/or its affiliates. All rights reserved. @CiscoServices #CiscoSmartTalk
- 3. #CiscoSmartTalk 3© 2015Cisco and/or its affiliates. All rights reserved. cisco.com/go/smarttalk
- 4. #CiscoSmartTalk 4© 2015Cisco and/or its affiliates. All rights reserved. Upcoming Sessions Forecasting the Future: Analytics and Modeling On Demand: Architecture Strategy: What's Your Game Plan? April 16 Proactive vs. Reactive: Assessing Your Network Strategy On Demand: Manage Network Operations Risk and Compliance May 21
- 5. #CiscoSmartTalk 5© 2015Cisco and/or its affiliates. All rights reserved. Reduce Security Risks to Protect Your Network Presented by: Tim Levad
- 6. #CiscoSmartTalk 6© 2015Cisco and/or its affiliates. All rights reserved. An Optimized Network is the Foundation for Business Innovation & Outcomes Security & Risk Operations Efficiency & Automation Analytics & Modeling Compliance & Change Management Architecture Strategy & Planning Operations Support & Lifecycle Management Six Areas You Need to Address CiscoSmartTalk
- 7. #CiscoSmartTalk 7© 2015Cisco and/or its affiliates. All rights reserved. Security & Risk
- 8. #CiscoSmartTalk 8© 2015Cisco and/or its affiliates. All rights reserved. Agenda • Assessing and evolving your security strategy • Maintaining your security posture • Security services to help prepare your network
- 9. #CiscoSmartTalk 9© 2015Cisco and/or its affiliates. All rights reserved. When was the last time you validated your security posture?
- 10. #CiscoSmartTalk 10© 2015Cisco and/or its affiliates. All rights reserved. Do you know what weak links are?
- 11. #CiscoSmartTalk 11© 2015Cisco and/or its affiliates. All rights reserved. TheVulnerability Lifecycle Prioritize Risk Remediate Risk Validate Removal of Risk Identify Risk
- 12. #CiscoSmartTalk 12© 2015Cisco and/or its affiliates. All rights reserved. ValidateYour Current Security Posture Current State Desired StateStrategy Map
- 13. #CiscoSmartTalk 13© 2015Cisco and/or its affiliates. All rights reserved. Assess Risk Based onYour Needs Assessment Examples Perimeter Assessment Wireless Assessment Device Security Assessment
- 14. #CiscoSmartTalk 14© 2015Cisco and/or its affiliates. All rights reserved. What does an Assessment look like? Review Probe Analyze Recommend
- 15. #CiscoSmartTalk 15© 2015Cisco and/or its affiliates. All rights reserved. Uncovering Risk Agents IT Staff Management
- 16. #CiscoSmartTalk 16© 2015Cisco and/or its affiliates. All rights reserved. Prioritize Risk Based onYour Business
- 17. #CiscoSmartTalk 17© 2015Cisco and/or its affiliates. All rights reserved. Develop a Risk Framework
- 18. #CiscoSmartTalk 18© 2015Cisco and/or its affiliates. All rights reserved. Risk Remediation Strategy
- 19. #CiscoSmartTalk 19© 2015Cisco and/or its affiliates. All rights reserved. Agents IT Staff Management Protection by Segmentation
- 20. #CiscoSmartTalk 20© 2015Cisco and/or its affiliates. All rights reserved. Agents IT Staff Management Validate Risk Removal
- 21. #CiscoSmartTalk 21© 2015Cisco and/or its affiliates. All rights reserved. Recap:TheVulnerability Lifecycle Prioritize Risk Remediate Risk Validate Removal of Risk Identify Risk
- 22. #CiscoSmartTalk 22© 2015Cisco and/or its affiliates. All rights reserved. Cisco Security Services Network Optimization Service Security Optimization Service Managed Threat Defense
- 23. #CiscoSmartTalk 23© 2015Cisco and/or its affiliates. All rights reserved. Resources Cisco 2015 Annual Security Report Security Optimization Service At-A-Glance ManagedThreat Defense At- A-Glance
- 24. #CiscoSmartTalk 24© 2015Cisco and/or its affiliates. All rights reserved. Upcoming Sessions Forecasting the Future: Analytics and Modeling On Demand: Architecture Strategy: What's Your Game Plan? April 16 Proactive vs. Reactive: Assessing Your Network Strategy On Demand: Manage Network Operations Risk and Compliance May 21
- 25. #CiscoSmartTalk 25© 2015Cisco and/or its affiliates. All rights reserved. QUESTIONS?
- 26. #CiscoSmartTalk 26© 2015Cisco and/or its affiliates. All rights reserved. ThankYou
Editor's Notes
- #2 Insert intro slide for some housekeeping notes prior to presentation
- #3 Tweet out slide deck
- #7 Here are the 6 fundamental areas to address on your shift from reactive to proactive network management.
- #8 Today we’re going to focus on a plan to reduce security risks.
- #10 Poll question.
- #11 How many of you know what your weak links are? As you know, it only takes one small oversight, like a configuration error, to open your network up to attacks. As business models, technologies and regulations change, organizations are asking questions like: What‘s our security risk of moving to the cloud? With more devices accessing our network, how can we effectively control user access levels? We have so many fragmented point-solutions for security….how can we reduce this complexity? It seems like there’s a shortage of security talent in the market. How can we keep up with these constant security changes? During this Smart Talk session, we’ll touch on these areas and discuss some of the critical considerations for reducing risk in your network.
- #12 Identify risk in your network Prioritize risk based on your business Remediate risk Validate the removal of risk
- #13 An organization’s security posture should never be considered static. Over time, security strategies, products and policies must evolve to keep up with changing business models and modern threats. This is why understanding the current state of your security posture is critical. Knowing how well your security strategy is working and what your vulnerabilities are will help you create a strategy map to get to your desired end state.
- #14 When it’s time to validate your security posture, you should always assess risk based on your business needs. From network devices assessments to collaboration security, there’s a wide array of assessments that can you help you pinpoint areas for improvement. For example, you could run a Perimeter Security Assessment to identify vulnerabilities that allow inappropriate access to your internal IT infrastructure from the outside OR a you could run a Wireless Security Assessment to identify points of exposure, including unauthorized access points, weak access control, and wireless data leakage.
- #15 Here’s what a typical security posture assessment looks like. Review An assessment begins by conducting a detailed review of your security goals and requirements. Probe Based on this information, security experts probe your infrastructure from the interior and perimeter, survey and map your wireless network, and attempt to engineer their way into your facility by simulating modern attacks. This is all done is a safe and controlled manner. Analyze Any discovered vulnerabilities are then analyzed and compared to industry best practices and security intelligence to remove false positives and determine which critical assets and data are exposed. Recommend The results are then prioritized and delivered to you in an actionable report with recommendations for remediation.
- #16 Recently, a large insurance company came to us because they knew their current network access controls could be putting the company at risk. It didn’t matter if you were an insurance agent or the CIO, everyone had the same physical and logical access to the network. The only thing differentiating users access levels were privileges set at the application layer. They had previously attempted to address this issue, but failed to implement a solution that didn’t impact their user experience and business operations. However, with new compliance regulations and changing business models, they knew it was time for a different approach. Our first step was to run a Security Design Assessment to identify their risks. The assessment uncovered: A flat network with very little access control Little to no segmentation of critical assets No visibility into current compliance status
- #17 Now let’s take a look at the second phase in the vulnerability lifecycle; Prioritizing Risk. When risks are identified, they need to be prioritized based on your environment. Just because Cisco or the common vulnerability scoring systems say something is low or high, it doesn’t necessarily mean that risk value is tied to your organization. You may find that your organization has different circumstances that change the value of that particular risk. Something that’s marked medium, may be a top concern for your environment. Key Message: Establishing your risk framework helps you identify solutions that address your highest risks.
- #18 Going back to they insurance company…the question they needed to answer was, which vulnerabilities put our organization at the greatest risk? For their environment, access control was the highest risk so deploying a better identity management solution became their priority. Other risks… No true segmentation of data Non-Compliance
- #19 Now that we’ve identified and prioritized risk, it’s time to develop a strategy to improve your security posture. This will become your roadmap to addressing deficiencies with solutions that align to your specific business requirements. Optional – Things to consider while creating your security strategy: Change to security infrastructure must have little to no impact on business operations Business flexibility – ability to add new applications and services while still complying with policies and regulations Security solutions must provide superior protection while reducing complexity
- #20 For the insurance company, this meant mapping out a more segmented and controlled approach to users access and critical data assets. This allowed them to setup isolated environments using an access management solution and VLANs. Now their agents only have access to what they need, without the risk of compromising the business. This same segmentation model was applied to their critical data to keep it isolated from other business units.
- #21 All changes must be validated to ensure risk removal. For the insurance company this meant validating their network access controls and their data segmentation policies. This validation not only affirms the improvement in their security posture, but also helps them maintain compliance and regulatory standards.
- #22 Outcome: By assessing the current state of their security infrastructure, the insurance company gained the insight required to understand and improve their security posture. They identified their vulnerabilities, prioritized risks based on their environment, created a security strategy aligned with their business goals, and then validated the removal of the risk.
- #23 NOS Security Services Security Optimization Assessment Managed Threat Defense (MTD)
- #24 Cisco 2015 Annual Security Report http://www.cisco.com/web/offers/lp/2015-annual-security-report/index.html Security Optimization Service At-A-Glance http://www.cisco.com/web/services/portfolio/documents/security-optimization-service-aag.pdf Managed Threat Defense At-A-Glance http://www.cisco.com/web/services/portfolio/documents/managed-threat-defense-service.pdf
- #26 How we define A&M
- #27 Customize as needed.