25. 赛门铁克愿景
“Confidence in the Connected World”
Confidence in the Connected World
互联世界,满怀信心
Secure and Manage Your Information‐Driven
S dM Y I f ti D i
Enterprise, across Physical, Virtual, and Cloud
Symantec Vision 2010 25
26. 来自最佳实践的企业安全建设框架:
• 以合规管理推动安全治理常态化
– 以风险和企业策略为驱动
Risk Based and Policy Driven
Ri k B d d P li D i
– 以自动化的风险与合规管理为手段
IT Governance, Risk and Compliance
– 不断治理和改善安全状态
– 应对不断变化的挑战
• 以“信息”风险管理为核心
Information Centric – 信息的安全更针对数据的内容
Information Risk – 信息是IT系统的核心与重点
Identity Centric Management
Operationalized • 增强基础设施管理
Identity
Id tit & – 标准化、流程化、自动化
Authentication Infrastructure
Management – 更加高效、安全的IT运行管理
Management
• 以身份管理确保可信的访问 Well
Well • 提供良好的基础设施保护
– 人是IT系统使用的主体 Protected – 提供安全保护良好的基础设施
Infrastructure
– 身份的标识与认证确保主体的安全 Infrastructure – 更加安全的基础设施环境
Protection
Symantec Vision 2010
26
27. 最佳实践 以合规促进安全治理
实现安全治理的闭环: Data
Protection
Server
Policy
Malware
Policy
Policy
• 定义风险并开发适宜的IT
策略
PCI SOX Basel FISMA
• 评估基础设施和运行流程 COBIT ISO NIST
的风险
策略管理 评估与识别 风险及遵从报 纠正与响应
• 对问题进行应有的监控、 • Assess 告 • Remedia
上报并提供证明 • Define/m
anage technical • Report te
written & ih ik
with risk deficienc
• 问题的弥补 policies procedural weighted ies
controls model • Prioritize
• Distribute
policies & • Identify • Centralize and
track
track critical
critical view of
view of respond
respond
exception vulnerabilit procedural to
s ies controls incidents
• Detect
deviations 27
7
27
Symantec Vision 2010
39. Building a Community of Defense with Businesses
Building a “Community of Defense” with Businesses
> Customers from businesses around the world
Who
> Symantec Security Leadership and Experts on
Threat Research
> Ongoing discussions about the types of IT risks
Ongoing discussions about the types of IT risks
What businesses face today
> Share information about security incidents, impact
, p p
assessment, and best practices to prevent
> Today’s targeted attacks characterized by
mend
organization, covert nature and patience
g , p
Recomm
Key
> Strong consensus these attacks represent a
significant risk to intellectual property
> Suggestions ……
gg
Symantec Vision 2010 39