SlideShare a Scribd company logo

Strategic Information Management Through Data Classification

Booz Allen Hamilton
Booz Allen Hamilton

This white paper presents a comprehensive approach to information management programs. It outlines how data growth directly affects the risk posture of critical corporate information assets. In addition, it defines common problems caused by gaps in information management programs as well as consequences associated with immature methodologies.

BusinessTechnology
1 of 10
Strategic Information Management Through Data Classification Reducing Corporate Risk and Cost by Gaining Control of Business Information Assets by Glen Day day_glen@bah.com
Strategic Information Management Through Data Classification Reducing Corporate Risk and Cost by Gaining Control of Business Information Assets Even in the midst of a global recession, enterprise storage demand continues to grow at a feverish pace. In addition to bearing escalating costs for storage and related services, companies are also facing increasing risk of data breaches due to the pervasiveness of how and where confidential files are stored. Despite significant investments in content management and data leak protection technologies, most businesses still lack the core processes and tools needed to effectively manage vast amounts of digital data in accordance with business objectives and compliance mandates. Providing businesses with the capabilities necessary to effectively manage and protect information assets demands a more strategic and comprehensive approach to today’s information management programs. This paper provides a better understanding of how exponential data growth directly affects the risk posture of critical corporate information assets, and addresses IDC estimates that information is now growing by the common problems caused by gaps in information 60 percent per year and will continue to grow at that management programs and the likely consequences rate through 2011. Worldwide, digital information will associated with immature methodologies. It also highlights escalate tenfold between 2006 and 2011, from under the business advantages and the privacy compliance 200 to almost 2,000 exabytes. However, not all of benefits that can be realized with an effective data this digital information is stored safely in the corporate classification program that applies a holistic approach to database where it can be managed, monitored, and information management. controlled. Enterprise Strategy Group estimates that between 80 to 85 percent of all business data More Data, More Cost, More Risk is unstructured (ESG, 2007), much of this in the Over the past few decades, most companies made a form of e-mails, text documents, spreadsheets, and strategic decision to provide increasing IT resources presentations (.doc, .ppt, .xls, and .pdf). to their employees. As a result, Moore’s Law prevailed not only in processing power, but also in storage disk Unstructured data is considered the most evasive capacity. For the past few decades, the price of a and unmanaged data format within any company; this gigabyte of storage has been dropping by 30 percent poses great risk to businesses. Few hurdles prevent per year, on average. A company having insufficient employees from copying confidential data from secure storage is now virtually unthinkable. Despite a databases and storing the same information in slowing economy, the storage industry in the United a spreadsheet, thereby negating any security measures States grew by 15 percent between 2007 and 2008 protecting its access, use, and dissemination. This kind (IDC, 2008). of violation is often perpetrated by employees to provide 1
convenient access to information while in transit or the discovery of malicious software installed on the traveling. Unfortunately, this practice can lead to serious company’s systems. As Heartland processes more security and privacy breaches, as laptops and USB than 100 million transactions per month, the number storage devices with insufficient security controls to of compromised records could be in the hundreds of protect sensitive data are often lost or stolen. millions. At $200 per record stolen, the financial hit to Heartland could be devastating (Claburn, 2009). With corporate data increasing exponentially, what are the ramifications of having the storage environment In 1999, congressional lawmakers Phil Gramm, Jim grow 30 percent faster than a company’s revenue or Leach, and Tom Bliley pushed through the Gramm- IT budget? With a 30 percent annual average price Leach-Bliley Act, the first major piece of legislation that decline, a simplistic view suggests just purchasing specifies measures companies must take to protect more disks. However, this tactic promises more than it Nonpublic Personal Information (NPI). This became the delivers. Related incremental costs for staff and storage foundation for many other privacy regulations—such as management services such as backup, antivirus, and HIPAA and the Payment Card Industry (PCI) initiative, data replication continue to escalate unabated. mandating protection of sensitive patient and customer data, respectively. In a post-9/11 world, other new Over time, most business information devolves from regulations like the International Traffic in Arms being an information asset to being an information Regulations (ITAR) place additional restrictions on the liability—it no longer serves a business need yet flow of trade information. New attention is now focused still requires care, protection, and incurs costs. on the shipment of microchips and electronics, as The challenge is not to restrict the growth of useful well as related electronic information surrounding business data considered to be valued assets, but these devices. This spotlight places further duties how to better manage and dispose of expired or and burdens on businesses. To properly distribute worthless data. This useless information is expensive information internationally related to the manufacture to maintain, holds no further business value, and of these components, one may have to effectively continues to present a high business risk. classify and restrict access to thousands or even The increasing threat of data leakage remains a primary millions of files and stored e-mails. business challenge. A recent Wall Street Journal article reported that the number of data breaches increased by A Growing Data Management Challenge almost 50 percent in 2008, compared to the previous Until recently, these problems were relatively year, exposing the personal records of some 36 million manageable. In cases where unstructured data needed people to potential thieves (WSJ, 2009). The Ponemon to be closely managed for a regulation such as HIPAA Institute found that these breaches cost companies or ITAR, companies could employ Enterprise Content nearly $200 per record stolen, or $6.6M per incident. Management systems. For a small pool of data, such The more data stored by an organization, the higher the as the CEO’s e-mail or a repository of engineering risk of a breach. Given the exponential increase in data documents relevant to litigation, businesses could breach incidents, if a casualty has not yet occurred, use litigation support software or services. If data in odds are that one is imminent (ponemon.org). specific folders or behind certain applications needed to be protected, they could use Identity Management Until recently, TJX Companies, parent company and Data Loss Prevention solutions. of retail giant T.J. Maxx, held the record for the largest single security breach of sensitive customer Those solutions assumed some logical concentration information. On January 21, 2009, Heartland Payment of relevant data, either in a few places or as a Systems, a large credit card payment processing manageable size. Unfortunately, these assumptions company, eclipsed TJX when Heartland announced are no longer valid. Data held by Fortune 500 2
companies can no longer be measured in single or ad hoc process changes. In Booz Allen’s view, terabytes and typically exists in multi-petabyte enterprises should implement a strategic information heterogeneous storage environments spread out management program by first classifying data to across global networks. There are multiple silos of help reduce their corporate risk exposure, decrease information, in many cases governed by data stewards information discovery times, improve compliance with authority to create their own policies based on status, and potentially realize significant cost savings regional or departmental priority. through an effective data disposal program. There are substantial synergies between information Most companies do not have adequate management and other enterprise-wide shared services, including access management, data processes or technologies to manage their leakage protection, records management, litigation unstructured data. 75% said they were support, storage management, governance, risk, concerned that their unstructured data was and compliance. Our comprehensive approach growing too rapidly. 63% said they did not have takes a holistic view of key business processes and data protection controls as assessed against our adequate systems to manage it. information management adoption model in Exhibit 1. - Computerworld survey of 250 large companies on data management New rules and regulations governing how data must be stored, secured, transferred, retained, disposed of, and used will encourage many businesses to emulate On average, most large corporations now have over the standard set by US military and intelligence 240 terabytes of storage, of which some 80 terabytes communities in establishing a classification schema. may be subject to significant requirements for information protection, such as access and lifecycle Exhibit 1 | The Booz Allen Strategic Information controls. Relevant and supporting enterprise policies Management Model (SIMM) or solutions for meeting those requirements are often immature and insufficient. The digital data, and its management requirements, have simply grown Data Classification too fast for most companies to build an effective Policy & Procedures information management strategy that can meet Data Information Leakage Handling business objectives. Preventive Policy & Program Procedures Continuing to neglect these challenges may result in: Strategic adverse legal judgments for failing to meet Federal Information Rules of Civil Procedure (FRCP) guidelines; penalties; Access Management Data Retention Management Model & Disposal and lost business resulting from data privacy Program Policy & Procedures breaches, or loss of trade secrets that could diminish a company’s competitive edge. Effectively employing Electronic Automated Discover Data an information management strategy may be the single (eDiscovery) Disposal largest priority for Fortune 500 companies over the Program Program next 3 years. Answering the Challenge Gaining control of corporate information assets will Source: Booz Allen Hamilton not be accomplished through technology solutions 3
For almost a century, Booz Allen Hamilton has assisted federal agencies and commercial companies in building strategies to streamline their operations and gain a competitive advantage. More recently, Booz Allen has helped to pioneer strategies for large organizations to solve enterprise problems related to records management and information security. This unique experience and expertise has never been more relevant for commercial companies with global operations. Effective Information Management Through Strategic Data Classification The majority of data and privacy breaches are avoidable. Traditionally, organizations have applied a network-centric focus to securing systems, based on defined confidentiality levels for storing and processing data. While still a necessary component, a more information-centric approach is needed today. Better control and protection of confidential and sensitive information first requires an awareness of where the data is stored and how it is protected. Booz Allen’s methodology conveys the complexities of information management in simple business terms: • Discovery: Once classifications are defined, storage • Know what information you have managers should identify known storage areas and query for unknown storage devices. • Know where you have it • Data Mapping: Detailed data maps should then be • Know what information you have to keep created to formally document leading data flows and • Know why you have to keep it their associated classifications. • Keep it only as long as you need to—dispose • Analysis: During this critical phase, stakeholders of everything else should perform a detailed review and evaluation to identify violations and conflicts between corporate Booz Allen’s strategic approach to building and policies and user practices as related to executing a data classification program, as illustrated information handling. in Exhibit 2, is derived from a logical and comprehensive workflow. • Strategic Realignment Plan: Based on the outcomes from the previous phases, remediation • Classification Schema Definition: Prior to classifying recommendations should be developed using unstructured data, business owners must first risk-based methodologies to create a strategic determine the levels of classification (Confidential, plan to realign both administrative policies and Restricted, Public, etc.) and what attributes user practices. This should include an information constitute each of the levels (SSN, credit card security control enhancement plan to mitigate the number, financial information, protected health identified deficiencies. information, etc.). 4
Exhibit 2 | Data Classification Assessment Methodology Strategic Classification Schema Discovery Data Mapping Analysis Realignment Definition Plan Source: Booz Allen Hamilton Applying Booz Allen’s business-centric approach to Booz Allen has helped customers at various stages data protection through strategic data classification of the planning and buying cycle. While some clients is an essential element in corporate risk reduction continue to struggle to assemble internal project efforts. This approach will reduce risk, improve teams, others have matured their programs to include compliance, speed information discovery, and—through high automation. Booz Allen offers services at all levels data disposal of expired files—decrease costs. of the adoption cycle and specializes in translating business requirements to policy definitions and Conclusion recommendations for enterprise solutions. Storage capacities are growing exponentially, Discerning business leaders rely on Booz Allen exacerbating the number and severity of data breaches to deliver quality results to help resolve their and other security issues. Whether due to hackers complex business challenges. Leveraging our or employees, companies are at risk of losing or team of experienced cybersecurity experts, proven compromising information assets on a daily basis. In methodologies, and a reputation built on decades of this difficult economic environment, companies need success, Booz Allen works as your trusted advisor to to consider a comprehensive, strategic approach to help protect your business with enduring results. information management through data classification. With decades of relevant experience, Booz Allen Hamilton is the most qualified partner to help drive the adoption of government best practices and proven methodologies for information security and management in the commercial sector. 5
About the Author Glen Day is a Principal in Booz Allen Hamilton’s Contact Booz Allen to learn more about our Los Angeles office who leads the firm’s cyber security Cyber Security Strategic Approach. and privacy services for commercial healthcare. Glen works with our clients to mature and optimize their Security Testing security and privacy programs to effectively protect Data their IT assets and meet compliance mandates. ISO/IEC 27001 Classification Security Cyber Previously, as Los Angeles County’s first Chief Privacy Program Security Strategy Officer, he was responsible for the development and implementation of HIPAA’s privacy policies and Assessment Identity & practices, working across several departments and & Inventory Access Management Management hospitals to drive the county's health privacy excellence. Glen also has held executive positions for IT operations and cyber security at various start-ups, and is a retired Commander from the US Navy. He earned his MS in Information Management from the Naval Postgraduate School and his BS in Applied Mathematics from the University of Southern California. Contact Information: Sources Glen Day Claburn, Thomas, “Heartland Payment Systems Hit by Data Security Breach,” InformationWeek, January 20, 2009 Principal, CISSP, CISM Cyber Security & Privacy Enterprise Strategy Group, Extending Discovery to All Corporate day_glen@bah.com Information, December 2007 310/297-2120 IDC, The Diverse and Exploding Digital Universe, March 2008 6
About Booz Allen Booz Allen Hamilton has been at the forefront of information technology, systems engineering, and strategy and technology consulting for 95 years. Every program management, Booz Allen is committed to day, government agencies, institutions, corporations, delivering results that endure. and infrastructure organizations rely on the firm’s With 20,000 people and $4 billion in annual revenue, expertise, and objectivity, and on the combined Booz Allen is continually recognized for its quality capabilities and dedication of our exceptional people work and corporate culture. In 2009, for the fifth to find solutions and seize opportunities. We combine consecutive year, Fortune magazine named Booz Allen a consultant’s unique problem-solving orientation one of “The 100 Best Companies to Work For,” and with deep technical knowledge and strong execution Working Mother magazine has ranked the firm among to help clients achieve success in their most critical its “100 Best Companies for Working Mothers” missions. Providing a broad range of services in annually since 1999. strategy, operations, organization and change, To learn more about the firm and to download digital versions of this article and other Booz Allen Hamilton publications, visit www.boozallen.com. 7
Principal Offices ALABAMA KANSAS OHIO Huntsville Leavenworth Dayton CALIFORNIA MARYLAND PENNSYLVANIA Los Angeles Aberdeen Philadelphia San Diego Annapolis Junction San Francisco Lexington Park SOUTH CAROLINA COLORADO Linthicum Charleston Colorado Springs Rockville TEXAS Denver MASSACHUSETTS Houston FLORIDA Boston San Antonio Pensacola Sarasota MICHIGAN VIRGINIA Tampa Troy Arlington Chantilly GEORGIA NEBRASKA Falls Church Atlanta Omaha Herndon HAWAII NEW JERSEY McLean Honolulu Norfolk Eatontown Stafford ILLINOIS NEW YORK O’Fallon WASHINGTON, DC Rome The most complete, recent list of office addresses and telephone numbers can be found on www.boozallen.com by clicking the “Offices” link under “About Booz Allen.” www.boozallen.com ©2009 Booz Allen Hamilton Inc. BAH-083 Viewpoint

Recommended

Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityBooz Allen Hamilton
 
Cyber Training: Developing the Next Generation of Cyber Analysts
Cyber Training: Developing the Next Generation of Cyber AnalystsCyber Training: Developing the Next Generation of Cyber Analysts
Cyber Training: Developing the Next Generation of Cyber AnalystsBooz Allen Hamilton
 
The Vigilant Enterprise
The Vigilant EnterpriseThe Vigilant Enterprise
The Vigilant EnterpriseBooz Allen Hamilton
 
Top 10 IT Security Issues 2011
Top 10 IT Security Issues 2011Top 10 IT Security Issues 2011
Top 10 IT Security Issues 2011Redspin, Inc.
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012Icomm Technologies
 
Cybersecurity Improvement eBook
Cybersecurity Improvement eBookCybersecurity Improvement eBook
Cybersecurity Improvement eBookPablo Junco
 
How the Internet of Things Leads to Better, Faster Crisis Communication
How the Internet of Things Leads to Better, Faster Crisis Communication How the Internet of Things Leads to Better, Faster Crisis Communication
How the Internet of Things Leads to Better, Faster Crisis CommunicationBlackBerry
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseReadWrite
 

Recommended

Cybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityCybersecurity in the Age of Mobility
Cybersecurity in the Age of MobilityBooz Allen Hamilton
 
Cyber Training: Developing the Next Generation of Cyber Analysts
Cyber Training: Developing the Next Generation of Cyber AnalystsCyber Training: Developing the Next Generation of Cyber Analysts
Cyber Training: Developing the Next Generation of Cyber AnalystsBooz Allen Hamilton
 
The Vigilant Enterprise
The Vigilant EnterpriseThe Vigilant Enterprise
The Vigilant EnterpriseBooz Allen Hamilton
 
Top 10 IT Security Issues 2011
Top 10 IT Security Issues 2011Top 10 IT Security Issues 2011
Top 10 IT Security Issues 2011Redspin, Inc.
 
IT Security Trends in 2012
IT Security Trends in 2012IT Security Trends in 2012
IT Security Trends in 2012Icomm Technologies
 
Cybersecurity Improvement eBook
Cybersecurity Improvement eBookCybersecurity Improvement eBook
Cybersecurity Improvement eBookPablo Junco
 
How the Internet of Things Leads to Better, Faster Crisis Communication
How the Internet of Things Leads to Better, Faster Crisis Communication How the Internet of Things Leads to Better, Faster Crisis Communication
How the Internet of Things Leads to Better, Faster Crisis CommunicationBlackBerry
 
The Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseThe Essential Ingredient for Today's Enterprise
The Essential Ingredient for Today's EnterpriseReadWrite
 
br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trendsChristopher Bennett
 
Securing a mobile oriented enterprise
Securing a mobile oriented enterpriseSecuring a mobile oriented enterprise
Securing a mobile oriented enterpriseinfra-si
 
PulseSecure_Report_HybridIT_120715
PulseSecure_Report_HybridIT_120715PulseSecure_Report_HybridIT_120715
PulseSecure_Report_HybridIT_120715Jim Romeo
 
Secure by design building id based security
Secure by design building id based securitySecure by design building id based security
Secure by design building id based securityArun Gopinath
 
Is Your Organization in Crisis?
Is Your Organization in Crisis?Is Your Organization in Crisis?
Is Your Organization in Crisis?BlackBerry
 
Enterprise Mobility Applications: Addressing a Growing Gap
Enterprise Mobility Applications: Addressing a Growing GapEnterprise Mobility Applications: Addressing a Growing Gap
Enterprise Mobility Applications: Addressing a Growing GapBlackBerry
 
IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...
IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...
IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...IRJET Journal
 
Challenges and Security Issues in Future IT Infrastructure Components
Challenges and Security Issues in Future IT Infrastructure ComponentsChallenges and Security Issues in Future IT Infrastructure Components
Challenges and Security Issues in Future IT Infrastructure ComponentsMubashir Ali
 
Getting ahead of compromise
Getting ahead of compromiseGetting ahead of compromise
Getting ahead of compromiseCMR WORLD TECH
 
The 10 most trusted companies in enterprise security for dec 2017
The 10 most trusted companies in enterprise security for dec 2017The 10 most trusted companies in enterprise security for dec 2017
The 10 most trusted companies in enterprise security for dec 2017Merry D'souza
 
6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss GremlinsIntronis MSP Solutions by Barracuda
 
New Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud DataNew Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud DataEMC
 
IDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based SecurityIDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based Securityarms8586
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisitionChristopher Dorobek
 
ThreatMetrix Profile in March 2014 CIO Review
ThreatMetrix Profile in March 2014 CIO ReviewThreatMetrix Profile in March 2014 CIO Review
ThreatMetrix Profile in March 2014 CIO ReviewThreatMetrix
 
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...IRJET Journal
 
ICS_WhitePaper_Darktrace
ICS_WhitePaper_DarktraceICS_WhitePaper_Darktrace
ICS_WhitePaper_DarktraceAustin Eppstein
 
Information Security Governance: Government Considerations for the Cloud Comp...
Information Security Governance: Government Considerations for the Cloud Comp...Information Security Governance: Government Considerations for the Cloud Comp...
Information Security Governance: Government Considerations for the Cloud Comp...Booz Allen Hamilton
 
Big Data for Security
Big Data for SecurityBig Data for Security
Big Data for SecurityJoey Jablonski
 
Methodology for Platform Modernization
Methodology for Platform ModernizationMethodology for Platform Modernization
Methodology for Platform ModernizationBooz Allen Hamilton
 
Cloud Brokering Brochure
Cloud Brokering BrochureCloud Brokering Brochure
Cloud Brokering BrochureBooz Allen Hamilton
 
Information Security Governance
Information Security GovernanceInformation Security Governance
Information Security GovernanceBooz Allen Hamilton
 

More Related Content

What's hot

br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trendsChristopher Bennett
 
Securing a mobile oriented enterprise
Securing a mobile oriented enterpriseSecuring a mobile oriented enterprise
Securing a mobile oriented enterpriseinfra-si
 
PulseSecure_Report_HybridIT_120715
PulseSecure_Report_HybridIT_120715PulseSecure_Report_HybridIT_120715
PulseSecure_Report_HybridIT_120715Jim Romeo
 
Secure by design building id based security
Secure by design building id based securitySecure by design building id based security
Secure by design building id based securityArun Gopinath
 
Is Your Organization in Crisis?
Is Your Organization in Crisis?Is Your Organization in Crisis?
Is Your Organization in Crisis?BlackBerry
 
Enterprise Mobility Applications: Addressing a Growing Gap
Enterprise Mobility Applications: Addressing a Growing GapEnterprise Mobility Applications: Addressing a Growing Gap
Enterprise Mobility Applications: Addressing a Growing GapBlackBerry
 
IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...
IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...
IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...IRJET Journal
 
Challenges and Security Issues in Future IT Infrastructure Components
Challenges and Security Issues in Future IT Infrastructure ComponentsChallenges and Security Issues in Future IT Infrastructure Components
Challenges and Security Issues in Future IT Infrastructure ComponentsMubashir Ali
 
Getting ahead of compromise
Getting ahead of compromiseGetting ahead of compromise
Getting ahead of compromiseCMR WORLD TECH
 
The 10 most trusted companies in enterprise security for dec 2017
The 10 most trusted companies in enterprise security for dec 2017The 10 most trusted companies in enterprise security for dec 2017
The 10 most trusted companies in enterprise security for dec 2017Merry D'souza
 
New Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud DataNew Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud DataEMC
 
IDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based SecurityIDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based Securityarms8586
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisitionChristopher Dorobek
 
ThreatMetrix Profile in March 2014 CIO Review
ThreatMetrix Profile in March 2014 CIO ReviewThreatMetrix Profile in March 2014 CIO Review
ThreatMetrix Profile in March 2014 CIO ReviewThreatMetrix
 
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...IRJET Journal
 
ICS_WhitePaper_Darktrace
ICS_WhitePaper_DarktraceICS_WhitePaper_Darktrace
ICS_WhitePaper_DarktraceAustin Eppstein
 
Information Security Governance: Government Considerations for the Cloud Comp...
Information Security Governance: Government Considerations for the Cloud Comp...Information Security Governance: Government Considerations for the Cloud Comp...
Information Security Governance: Government Considerations for the Cloud Comp...Booz Allen Hamilton
 

What's hot (19)

br-security-connected-top-5-trends
br-security-connected-top-5-trendsbr-security-connected-top-5-trends
br-security-connected-top-5-trends
 
Securing a mobile oriented enterprise
Securing a mobile oriented enterpriseSecuring a mobile oriented enterprise
Securing a mobile oriented enterprise
 
PulseSecure_Report_HybridIT_120715
PulseSecure_Report_HybridIT_120715PulseSecure_Report_HybridIT_120715
PulseSecure_Report_HybridIT_120715
 
Secure by design building id based security
Secure by design building id based securitySecure by design building id based security
Secure by design building id based security
 
Is Your Organization in Crisis?
Is Your Organization in Crisis?Is Your Organization in Crisis?
Is Your Organization in Crisis?
 
Enterprise Mobility Applications: Addressing a Growing Gap
Enterprise Mobility Applications: Addressing a Growing GapEnterprise Mobility Applications: Addressing a Growing Gap
Enterprise Mobility Applications: Addressing a Growing Gap
 
IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...
IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...
IRJET- Cloud-Based Optimisation Approach to Joint Cyber Security and Insu...
 
Challenges and Security Issues in Future IT Infrastructure Components
Challenges and Security Issues in Future IT Infrastructure ComponentsChallenges and Security Issues in Future IT Infrastructure Components
Challenges and Security Issues in Future IT Infrastructure Components
 
Getting ahead of compromise
Getting ahead of compromiseGetting ahead of compromise
Getting ahead of compromise
 
The 10 most trusted companies in enterprise security for dec 2017
The 10 most trusted companies in enterprise security for dec 2017The 10 most trusted companies in enterprise security for dec 2017
The 10 most trusted companies in enterprise security for dec 2017
 
6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins6 Ways to Fight the Data Loss Gremlins
6 Ways to Fight the Data Loss Gremlins
 
New Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud DataNew Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud Data
 
IDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based SecurityIDC: Top Five Considerations for Cloud-Based Security
IDC: Top Five Considerations for Cloud-Based Security
 
Improving cyber-security through acquisition
Improving cyber-security through acquisitionImproving cyber-security through acquisition
Improving cyber-security through acquisition
 
ThreatMetrix Profile in March 2014 CIO Review
ThreatMetrix Profile in March 2014 CIO ReviewThreatMetrix Profile in March 2014 CIO Review
ThreatMetrix Profile in March 2014 CIO Review
 
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
IRJET- An Approach Towards Data Security in Organizations by Avoiding Data Br...
 
ICS_WhitePaper_Darktrace
ICS_WhitePaper_DarktraceICS_WhitePaper_Darktrace
ICS_WhitePaper_Darktrace
 
Information Security Governance: Government Considerations for the Cloud Comp...
Information Security Governance: Government Considerations for the Cloud Comp...Information Security Governance: Government Considerations for the Cloud Comp...
Information Security Governance: Government Considerations for the Cloud Comp...
 
Big Data for Security
Big Data for SecurityBig Data for Security
Big Data for Security
 

Viewers also liked

Methodology for Platform Modernization
Methodology for Platform ModernizationMethodology for Platform Modernization
Methodology for Platform ModernizationBooz Allen Hamilton
 
Digital Forensics: Digital Evidence That Endures
Digital Forensics: Digital Evidence That EnduresDigital Forensics: Digital Evidence That Endures
Digital Forensics: Digital Evidence That EnduresBooz Allen Hamilton
 
Supply Chain Data Standards in Healthcare
Supply Chain Data Standards in HealthcareSupply Chain Data Standards in Healthcare
Supply Chain Data Standards in HealthcareBooz Allen Hamilton
 
Miles To Go Before They Are Green
Miles To Go Before They Are GreenMiles To Go Before They Are Green
Miles To Go Before They Are GreenBooz Allen Hamilton
 
CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...
CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...
CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...Booz Allen Hamilton
 
Re-Imagined Infrastructure System: US 2040 Economy
Re-Imagined Infrastructure System: US 2040 EconomyRe-Imagined Infrastructure System: US 2040 Economy
Re-Imagined Infrastructure System: US 2040 EconomyBooz Allen Hamilton
 
Booz Allen Hamilton's 100-Year Timeline
Booz Allen Hamilton's 100-Year TimelineBooz Allen Hamilton's 100-Year Timeline
Booz Allen Hamilton's 100-Year TimelineBooz Allen Hamilton
 
Mitigating Our Nation’s Risks – Calling Upon the Whole Community
Mitigating Our Nation’s Risks – Calling Upon the Whole CommunityMitigating Our Nation’s Risks – Calling Upon the Whole Community
Mitigating Our Nation’s Risks – Calling Upon the Whole CommunityBooz Allen Hamilton
 
Predicting Mission Success through Improved Data Collection, Reuse and Analysis
Predicting Mission Success through Improved Data Collection, Reuse and AnalysisPredicting Mission Success through Improved Data Collection, Reuse and Analysis
Predicting Mission Success through Improved Data Collection, Reuse and AnalysisBooz Allen Hamilton
 
Enabling Big Data with Data-Level Security:The Cloud Analytics Reference Arch...
Enabling Big Data with Data-Level Security:The Cloud Analytics Reference Arch...Enabling Big Data with Data-Level Security:The Cloud Analytics Reference Arch...
Enabling Big Data with Data-Level Security:The Cloud Analytics Reference Arch...Booz Allen Hamilton
 
Mission Engineering Solution Infographic
Mission Engineering Solution InfographicMission Engineering Solution Infographic
Mission Engineering Solution InfographicBooz Allen Hamilton
 
Acquiring the Right Talent for the Cyber Age: The Need for a Candidate Develo...
Acquiring the Right Talent for the Cyber Age: The Need for a Candidate Develo...Acquiring the Right Talent for the Cyber Age: The Need for a Candidate Develo...
Acquiring the Right Talent for the Cyber Age: The Need for a Candidate Develo...Booz Allen Hamilton
 

Viewers also liked (20)

Methodology for Platform Modernization
Methodology for Platform ModernizationMethodology for Platform Modernization
Methodology for Platform Modernization
 
Cloud Brokering Brochure
Cloud Brokering BrochureCloud Brokering Brochure
Cloud Brokering Brochure
 
Information Security Governance
Information Security GovernanceInformation Security Governance
Information Security Governance
 
Digital Forensics: Digital Evidence That Endures
Digital Forensics: Digital Evidence That EnduresDigital Forensics: Digital Evidence That Endures
Digital Forensics: Digital Evidence That Endures
 
Sais.34.1
Sais.34.1Sais.34.1
Sais.34.1
 
Supply Chain Data Standards in Healthcare
Supply Chain Data Standards in HealthcareSupply Chain Data Standards in Healthcare
Supply Chain Data Standards in Healthcare
 
Miles To Go Before They Are Green
Miles To Go Before They Are GreenMiles To Go Before They Are Green
Miles To Go Before They Are Green
 
IP Theft
IP TheftIP Theft
IP Theft
 
CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...
CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...
CyberM3 Business Enablement: Cybersecurity That Empowers Your Business with C...
 
Reform Playbook
Reform PlaybookReform Playbook
Reform Playbook
 
Re-Imagined Infrastructure System: US 2040 Economy
Re-Imagined Infrastructure System: US 2040 EconomyRe-Imagined Infrastructure System: US 2040 Economy
Re-Imagined Infrastructure System: US 2040 Economy
 
Booz Allen Hamilton's 100-Year Timeline
Booz Allen Hamilton's 100-Year TimelineBooz Allen Hamilton's 100-Year Timeline
Booz Allen Hamilton's 100-Year Timeline
 
Bah risk-ecosystem-survey[1]
Bah risk-ecosystem-survey[1]Bah risk-ecosystem-survey[1]
Bah risk-ecosystem-survey[1]
 
Mitigating Our Nation’s Risks – Calling Upon the Whole Community
Mitigating Our Nation’s Risks – Calling Upon the Whole CommunityMitigating Our Nation’s Risks – Calling Upon the Whole Community
Mitigating Our Nation’s Risks – Calling Upon the Whole Community
 
3-D Program Management
3-D Program Management3-D Program Management
3-D Program Management
 
Predicting Mission Success through Improved Data Collection, Reuse and Analysis
Predicting Mission Success through Improved Data Collection, Reuse and AnalysisPredicting Mission Success through Improved Data Collection, Reuse and Analysis
Predicting Mission Success through Improved Data Collection, Reuse and Analysis
 
Enabling Big Data with Data-Level Security:The Cloud Analytics Reference Arch...
Enabling Big Data with Data-Level Security:The Cloud Analytics Reference Arch...Enabling Big Data with Data-Level Security:The Cloud Analytics Reference Arch...
Enabling Big Data with Data-Level Security:The Cloud Analytics Reference Arch...
 
Reform Infographic
Reform InfographicReform Infographic
Reform Infographic
 
Mission Engineering Solution Infographic
Mission Engineering Solution InfographicMission Engineering Solution Infographic
Mission Engineering Solution Infographic
 
Acquiring the Right Talent for the Cyber Age: The Need for a Candidate Develo...
Acquiring the Right Talent for the Cyber Age: The Need for a Candidate Develo...Acquiring the Right Talent for the Cyber Age: The Need for a Candidate Develo...
Acquiring the Right Talent for the Cyber Age: The Need for a Candidate Develo...
 

Similar to Strategic Information Management Through Data Classification

Managed Security For A Not So Secure World Wp090991
Managed Security For A Not So Secure World Wp090991Managed Security For A Not So Secure World Wp090991
Managed Security For A Not So Secure World Wp090991Erik Ginalick
 
Secure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documentsSecure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documentse.law International
 
Top 3 security concerns for enterprises
Top 3 security concerns for enterprisesTop 3 security concerns for enterprises
Top 3 security concerns for enterprisesTaranggg11
 
Big data security
Big data securityBig data security
Big data securityAnne ndolo
 
Big data security
Big data securityBig data security
Big data securityAnne ndolo
 
3 guiding priciples to improve data security
3 guiding priciples to improve data security3 guiding priciples to improve data security
3 guiding priciples to improve data securityKeith Braswell
 
Global Data Management: Governance, Security and Usefulness in a Hybrid World
Global Data Management: Governance, Security and Usefulness in a Hybrid WorldGlobal Data Management: Governance, Security and Usefulness in a Hybrid World
Global Data Management: Governance, Security and Usefulness in a Hybrid WorldNeil Raden
 
Protecting Corporate Information in the Cloud
Protecting Corporate Information in the CloudProtecting Corporate Information in the Cloud
Protecting Corporate Information in the CloudSymantec
 
Governing the Chaos
Governing the ChaosGoverning the Chaos
Governing the ChaosJohn Hansen
 
Five_Big_Data_Security_Pitfalls
Five_Big_Data_Security_PitfallsFive_Big_Data_Security_Pitfalls
Five_Big_Data_Security_PitfallsLaris Orman
 
Opteamix_whitepaper_Data Masking Strategy.pdf
Opteamix_whitepaper_Data Masking Strategy.pdfOpteamix_whitepaper_Data Masking Strategy.pdf
Opteamix_whitepaper_Data Masking Strategy.pdfOpteamix LLC
 
managed-security-for-a-not-so-secure-world-wp090991
managed-security-for-a-not-so-secure-world-wp090991managed-security-for-a-not-so-secure-world-wp090991
managed-security-for-a-not-so-secure-world-wp090991Jim Romeo
 
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...PECB
 
Why Cybersecurity is a Data Problem
Why Cybersecurity is a Data ProblemWhy Cybersecurity is a Data Problem
Why Cybersecurity is a Data ProblemBernard Marr
 
SecureGRC: Unification of Security Monitoring and IT-GRC
SecureGRC: Unification of Security Monitoring and IT-GRCSecureGRC: Unification of Security Monitoring and IT-GRC
SecureGRC: Unification of Security Monitoring and IT-GRCAegify Inc.
 
SecureGRC: Unification of Security Monitoring and IT-GRC
SecureGRC: Unification of Security Monitoring and IT-GRCSecureGRC: Unification of Security Monitoring and IT-GRC
SecureGRC: Unification of Security Monitoring and IT-GRCxmeteorite
 
Data Center - Market Segmentation.pptx
Data Center - Market Segmentation.pptxData Center - Market Segmentation.pptx
Data Center - Market Segmentation.pptxdouglassilva700752
 
Protect your confidential information while improving services
Protect your confidential information while improving servicesProtect your confidential information while improving services
Protect your confidential information while improving servicesCloudMask inc.
 
Proven Practices to Protect Critical Data - DarkReading VTS Deck
Proven Practices to Protect Critical Data - DarkReading VTS DeckProven Practices to Protect Critical Data - DarkReading VTS Deck
Proven Practices to Protect Critical Data - DarkReading VTS DeckNetIQ
 
trellix-dlp-buyers-guide.pdf
trellix-dlp-buyers-guide.pdftrellix-dlp-buyers-guide.pdf
trellix-dlp-buyers-guide.pdfLaLaBlaGhvgT
 

Similar to Strategic Information Management Through Data Classification (20)

Managed Security For A Not So Secure World Wp090991
Managed Security For A Not So Secure World Wp090991Managed Security For A Not So Secure World Wp090991
Managed Security For A Not So Secure World Wp090991
 
Secure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documentsSecure dataroom whitepaper_protecting_confidential_documents
Secure dataroom whitepaper_protecting_confidential_documents
 
Top 3 security concerns for enterprises
Top 3 security concerns for enterprisesTop 3 security concerns for enterprises
Top 3 security concerns for enterprises
 
Big data security
Big data securityBig data security
Big data security
 
Big data security
Big data securityBig data security
Big data security
 
3 guiding priciples to improve data security
3 guiding priciples to improve data security3 guiding priciples to improve data security
3 guiding priciples to improve data security
 
Global Data Management: Governance, Security and Usefulness in a Hybrid World
Global Data Management: Governance, Security and Usefulness in a Hybrid WorldGlobal Data Management: Governance, Security and Usefulness in a Hybrid World
Global Data Management: Governance, Security and Usefulness in a Hybrid World
 
Protecting Corporate Information in the Cloud
Protecting Corporate Information in the CloudProtecting Corporate Information in the Cloud
Protecting Corporate Information in the Cloud
 
Governing the Chaos
Governing the ChaosGoverning the Chaos
Governing the Chaos
 
Five_Big_Data_Security_Pitfalls
Five_Big_Data_Security_PitfallsFive_Big_Data_Security_Pitfalls
Five_Big_Data_Security_Pitfalls
 
Opteamix_whitepaper_Data Masking Strategy.pdf
Opteamix_whitepaper_Data Masking Strategy.pdfOpteamix_whitepaper_Data Masking Strategy.pdf
Opteamix_whitepaper_Data Masking Strategy.pdf
 
managed-security-for-a-not-so-secure-world-wp090991
managed-security-for-a-not-so-secure-world-wp090991managed-security-for-a-not-so-secure-world-wp090991
managed-security-for-a-not-so-secure-world-wp090991
 
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
Information Security vs. Data Governance vs. Data Protection: What Is the Rea...
 
Why Cybersecurity is a Data Problem
Why Cybersecurity is a Data ProblemWhy Cybersecurity is a Data Problem
Why Cybersecurity is a Data Problem
 
SecureGRC: Unification of Security Monitoring and IT-GRC
SecureGRC: Unification of Security Monitoring and IT-GRCSecureGRC: Unification of Security Monitoring and IT-GRC
SecureGRC: Unification of Security Monitoring and IT-GRC
 
SecureGRC: Unification of Security Monitoring and IT-GRC
SecureGRC: Unification of Security Monitoring and IT-GRCSecureGRC: Unification of Security Monitoring and IT-GRC
SecureGRC: Unification of Security Monitoring and IT-GRC
 
Data Center - Market Segmentation.pptx
Data Center - Market Segmentation.pptxData Center - Market Segmentation.pptx
Data Center - Market Segmentation.pptx
 
Protect your confidential information while improving services
Protect your confidential information while improving servicesProtect your confidential information while improving services
Protect your confidential information while improving services
 
Proven Practices to Protect Critical Data - DarkReading VTS Deck
Proven Practices to Protect Critical Data - DarkReading VTS DeckProven Practices to Protect Critical Data - DarkReading VTS Deck
Proven Practices to Protect Critical Data - DarkReading VTS Deck
 
trellix-dlp-buyers-guide.pdf
trellix-dlp-buyers-guide.pdftrellix-dlp-buyers-guide.pdf
trellix-dlp-buyers-guide.pdf
 

More from Booz Allen Hamilton

You Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
You Can Hack That: How to Use Hackathons to Solve Your Toughest ChallengesYou Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
You Can Hack That: How to Use Hackathons to Solve Your Toughest ChallengesBooz Allen Hamilton
 
Examining Flexibility in the Workplace for Working Moms
Examining Flexibility in the Workplace for Working MomsExamining Flexibility in the Workplace for Working Moms
Examining Flexibility in the Workplace for Working MomsBooz Allen Hamilton
 
Booz Allen's 10 Cyber Priorities for Boards of Directors
Booz Allen's 10 Cyber Priorities for Boards of DirectorsBooz Allen's 10 Cyber Priorities for Boards of Directors
Booz Allen's 10 Cyber Priorities for Boards of DirectorsBooz Allen Hamilton
 
Homeland Threats: Today and Tomorrow
Homeland Threats: Today and TomorrowHomeland Threats: Today and Tomorrow
Homeland Threats: Today and TomorrowBooz Allen Hamilton
 
Preparing for New Healthcare Payment Models
Preparing for New Healthcare Payment ModelsPreparing for New Healthcare Payment Models
Preparing for New Healthcare Payment ModelsBooz Allen Hamilton
 
The Product Owner’s Universe: Agile Coaching
The Product Owner’s Universe: Agile CoachingThe Product Owner’s Universe: Agile Coaching
The Product Owner’s Universe: Agile CoachingBooz Allen Hamilton
 
Immersive Learning: The Future of Training is Here
Immersive Learning: The Future of Training is HereImmersive Learning: The Future of Training is Here
Immersive Learning: The Future of Training is HereBooz Allen Hamilton
 
Nuclear Promise: Reducing Cost While Improving Performance
Nuclear Promise: Reducing Cost While Improving PerformanceNuclear Promise: Reducing Cost While Improving Performance
Nuclear Promise: Reducing Cost While Improving PerformanceBooz Allen Hamilton
 
Frenemies – When Unlikely Partners Join Forces
Frenemies – When Unlikely Partners Join ForcesFrenemies – When Unlikely Partners Join Forces
Frenemies – When Unlikely Partners Join ForcesBooz Allen Hamilton
 
Booz Allen Secure Agile Development
Booz Allen Secure Agile DevelopmentBooz Allen Secure Agile Development
Booz Allen Secure Agile DevelopmentBooz Allen Hamilton
 
Booz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Industrial Cybersecurity Threat BriefingBooz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Industrial Cybersecurity Threat BriefingBooz Allen Hamilton
 
Booz Allen Hamilton and Market Connections: C4ISR Survey Report
Booz Allen Hamilton and Market Connections: C4ISR Survey ReportBooz Allen Hamilton and Market Connections: C4ISR Survey Report
Booz Allen Hamilton and Market Connections: C4ISR Survey ReportBooz Allen Hamilton
 
Modern C4ISR Integrates, Innovates and Secures Military Networks
Modern C4ISR Integrates, Innovates and Secures Military NetworksModern C4ISR Integrates, Innovates and Secures Military Networks
Modern C4ISR Integrates, Innovates and Secures Military NetworksBooz Allen Hamilton
 
Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...
Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...
Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...Booz Allen Hamilton
 
Booz Allen Field Guide to Data Science
Booz Allen Field Guide to Data Science Booz Allen Field Guide to Data Science
Booz Allen Field Guide to Data Science Booz Allen Hamilton
 

More from Booz Allen Hamilton (20)

You Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
You Can Hack That: How to Use Hackathons to Solve Your Toughest ChallengesYou Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
You Can Hack That: How to Use Hackathons to Solve Your Toughest Challenges
 
Examining Flexibility in the Workplace for Working Moms
Examining Flexibility in the Workplace for Working MomsExamining Flexibility in the Workplace for Working Moms
Examining Flexibility in the Workplace for Working Moms
 
The True Cost of Childcare
The True Cost of ChildcareThe True Cost of Childcare
The True Cost of Childcare
 
Booz Allen's 10 Cyber Priorities for Boards of Directors
Booz Allen's 10 Cyber Priorities for Boards of DirectorsBooz Allen's 10 Cyber Priorities for Boards of Directors
Booz Allen's 10 Cyber Priorities for Boards of Directors
 
Inaugural Addresses
Inaugural AddressesInaugural Addresses
Inaugural Addresses
 
Military Spouse Career Roadmap
Military Spouse Career Roadmap Military Spouse Career Roadmap
Military Spouse Career Roadmap
 
Homeland Threats: Today and Tomorrow
Homeland Threats: Today and TomorrowHomeland Threats: Today and Tomorrow
Homeland Threats: Today and Tomorrow
 
Preparing for New Healthcare Payment Models
Preparing for New Healthcare Payment ModelsPreparing for New Healthcare Payment Models
Preparing for New Healthcare Payment Models
 
The Product Owner’s Universe: Agile Coaching
The Product Owner’s Universe: Agile CoachingThe Product Owner’s Universe: Agile Coaching
The Product Owner’s Universe: Agile Coaching
 
Immersive Learning: The Future of Training is Here
Immersive Learning: The Future of Training is HereImmersive Learning: The Future of Training is Here
Immersive Learning: The Future of Training is Here
 
Nuclear Promise: Reducing Cost While Improving Performance
Nuclear Promise: Reducing Cost While Improving PerformanceNuclear Promise: Reducing Cost While Improving Performance
Nuclear Promise: Reducing Cost While Improving Performance
 
Frenemies – When Unlikely Partners Join Forces
Frenemies – When Unlikely Partners Join ForcesFrenemies – When Unlikely Partners Join Forces
Frenemies – When Unlikely Partners Join Forces
 
Booz Allen Secure Agile Development
Booz Allen Secure Agile DevelopmentBooz Allen Secure Agile Development
Booz Allen Secure Agile Development
 
Booz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Industrial Cybersecurity Threat BriefingBooz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Industrial Cybersecurity Threat Briefing
 
Booz Allen Hamilton and Market Connections: C4ISR Survey Report
Booz Allen Hamilton and Market Connections: C4ISR Survey ReportBooz Allen Hamilton and Market Connections: C4ISR Survey Report
Booz Allen Hamilton and Market Connections: C4ISR Survey Report
 
CITRIX IN AMAZON WEB SERVICES
CITRIX IN AMAZON WEB SERVICESCITRIX IN AMAZON WEB SERVICES
CITRIX IN AMAZON WEB SERVICES
 
Modern C4ISR Integrates, Innovates and Secures Military Networks
Modern C4ISR Integrates, Innovates and Secures Military NetworksModern C4ISR Integrates, Innovates and Secures Military Networks
Modern C4ISR Integrates, Innovates and Secures Military Networks
 
Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...
Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...
Agile and Open C4ISR Systems - Helping the Military Integrate, Innovate and S...
 
Women On The Leading Edge
Women On The Leading Edge Women On The Leading Edge
Women On The Leading Edge
 
Booz Allen Field Guide to Data Science
Booz Allen Field Guide to Data Science Booz Allen Field Guide to Data Science
Booz Allen Field Guide to Data Science
 

Recently uploaded

Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMintel Group
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...lizamodels9
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Riya Pathan
 
India Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportIndia Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportMintel Group
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCRashishs7044
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Servicecallgirls2057
 
8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCRashishs7044
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607dollysharma2066
 
Buy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy Verified Accounts
 
Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Seta Wicaksana
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...ictsugar
 
Marketing Management Business Plan_My Sweet Creations
Marketing Management Business Plan_My Sweet CreationsMarketing Management Business Plan_My Sweet Creations
Marketing Management Business Plan_My Sweet Creationsnakalysalcedo61
 
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckPitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckHajeJanKamps
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Kirill Klimov
 
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadIslamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadAyesha Khan
 
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,noida100girls
 
Call Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any TimeCall Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any Timedelhimodelshub1
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionMintel Group
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailAriel592675
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfpollardmorgan
 

Recently uploaded (20)

Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 Edition
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
 
Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737Independent Call Girls Andheri Nightlaila 9967584737
Independent Call Girls Andheri Nightlaila 9967584737
 
India Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample ReportIndia Consumer 2024 Redacted Sample Report
India Consumer 2024 Redacted Sample Report
 
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR8447779800, Low rate Call girls in Tughlakabad Delhi NCR
8447779800, Low rate Call girls in Tughlakabad Delhi NCR
 
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort ServiceCall US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
Call US-88OO1O2216 Call Girls In Mahipalpur Female Escort Service
 
8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
 
Buy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail Accounts
 
Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...Ten Organizational Design Models to align structure and operations to busines...
Ten Organizational Design Models to align structure and operations to busines...
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
 
Marketing Management Business Plan_My Sweet Creations
Marketing Management Business Plan_My Sweet CreationsMarketing Management Business Plan_My Sweet Creations
Marketing Management Business Plan_My Sweet Creations
 
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckPitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
 
Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024Flow Your Strategy at Flight Levels Day 2024
Flow Your Strategy at Flight Levels Day 2024
 
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in IslamabadIslamabad Escorts | Call 03070433345 | Escort Service in Islamabad
Islamabad Escorts | Call 03070433345 | Escort Service in Islamabad
 
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In Greater Noida ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
 
Call Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any TimeCall Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any Time
 
Future Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted VersionFuture Of Sample Report 2024 | Redacted Version
Future Of Sample Report 2024 | Redacted Version
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detail
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
 

Strategic Information Management Through Data Classification

  • 1. Strategic Information Management Through Data Classification Reducing Corporate Risk and Cost by Gaining Control of Business Information Assets by Glen Day day_glen@bah.com
  • 2.
  • 3. Strategic Information Management Through Data Classification Reducing Corporate Risk and Cost by Gaining Control of Business Information Assets Even in the midst of a global recession, enterprise storage demand continues to grow at a feverish pace. In addition to bearing escalating costs for storage and related services, companies are also facing increasing risk of data breaches due to the pervasiveness of how and where confidential files are stored. Despite significant investments in content management and data leak protection technologies, most businesses still lack the core processes and tools needed to effectively manage vast amounts of digital data in accordance with business objectives and compliance mandates. Providing businesses with the capabilities necessary to effectively manage and protect information assets demands a more strategic and comprehensive approach to today’s information management programs. This paper provides a better understanding of how exponential data growth directly affects the risk posture of critical corporate information assets, and addresses IDC estimates that information is now growing by the common problems caused by gaps in information 60 percent per year and will continue to grow at that management programs and the likely consequences rate through 2011. Worldwide, digital information will associated with immature methodologies. It also highlights escalate tenfold between 2006 and 2011, from under the business advantages and the privacy compliance 200 to almost 2,000 exabytes. However, not all of benefits that can be realized with an effective data this digital information is stored safely in the corporate classification program that applies a holistic approach to database where it can be managed, monitored, and information management. controlled. Enterprise Strategy Group estimates that between 80 to 85 percent of all business data More Data, More Cost, More Risk is unstructured (ESG, 2007), much of this in the Over the past few decades, most companies made a form of e-mails, text documents, spreadsheets, and strategic decision to provide increasing IT resources presentations (.doc, .ppt, .xls, and .pdf). to their employees. As a result, Moore’s Law prevailed not only in processing power, but also in storage disk Unstructured data is considered the most evasive capacity. For the past few decades, the price of a and unmanaged data format within any company; this gigabyte of storage has been dropping by 30 percent poses great risk to businesses. Few hurdles prevent per year, on average. A company having insufficient employees from copying confidential data from secure storage is now virtually unthinkable. Despite a databases and storing the same information in slowing economy, the storage industry in the United a spreadsheet, thereby negating any security measures States grew by 15 percent between 2007 and 2008 protecting its access, use, and dissemination. This kind (IDC, 2008). of violation is often perpetrated by employees to provide 1
  • 4. convenient access to information while in transit or the discovery of malicious software installed on the traveling. Unfortunately, this practice can lead to serious company’s systems. As Heartland processes more security and privacy breaches, as laptops and USB than 100 million transactions per month, the number storage devices with insufficient security controls to of compromised records could be in the hundreds of protect sensitive data are often lost or stolen. millions. At $200 per record stolen, the financial hit to Heartland could be devastating (Claburn, 2009). With corporate data increasing exponentially, what are the ramifications of having the storage environment In 1999, congressional lawmakers Phil Gramm, Jim grow 30 percent faster than a company’s revenue or Leach, and Tom Bliley pushed through the Gramm- IT budget? With a 30 percent annual average price Leach-Bliley Act, the first major piece of legislation that decline, a simplistic view suggests just purchasing specifies measures companies must take to protect more disks. However, this tactic promises more than it Nonpublic Personal Information (NPI). This became the delivers. Related incremental costs for staff and storage foundation for many other privacy regulations—such as management services such as backup, antivirus, and HIPAA and the Payment Card Industry (PCI) initiative, data replication continue to escalate unabated. mandating protection of sensitive patient and customer data, respectively. In a post-9/11 world, other new Over time, most business information devolves from regulations like the International Traffic in Arms being an information asset to being an information Regulations (ITAR) place additional restrictions on the liability—it no longer serves a business need yet flow of trade information. New attention is now focused still requires care, protection, and incurs costs. on the shipment of microchips and electronics, as The challenge is not to restrict the growth of useful well as related electronic information surrounding business data considered to be valued assets, but these devices. This spotlight places further duties how to better manage and dispose of expired or and burdens on businesses. To properly distribute worthless data. This useless information is expensive information internationally related to the manufacture to maintain, holds no further business value, and of these components, one may have to effectively continues to present a high business risk. classify and restrict access to thousands or even The increasing threat of data leakage remains a primary millions of files and stored e-mails. business challenge. A recent Wall Street Journal article reported that the number of data breaches increased by A Growing Data Management Challenge almost 50 percent in 2008, compared to the previous Until recently, these problems were relatively year, exposing the personal records of some 36 million manageable. In cases where unstructured data needed people to potential thieves (WSJ, 2009). The Ponemon to be closely managed for a regulation such as HIPAA Institute found that these breaches cost companies or ITAR, companies could employ Enterprise Content nearly $200 per record stolen, or $6.6M per incident. Management systems. For a small pool of data, such The more data stored by an organization, the higher the as the CEO’s e-mail or a repository of engineering risk of a breach. Given the exponential increase in data documents relevant to litigation, businesses could breach incidents, if a casualty has not yet occurred, use litigation support software or services. If data in odds are that one is imminent (ponemon.org). specific folders or behind certain applications needed to be protected, they could use Identity Management Until recently, TJX Companies, parent company and Data Loss Prevention solutions. of retail giant T.J. Maxx, held the record for the largest single security breach of sensitive customer Those solutions assumed some logical concentration information. On January 21, 2009, Heartland Payment of relevant data, either in a few places or as a Systems, a large credit card payment processing manageable size. Unfortunately, these assumptions company, eclipsed TJX when Heartland announced are no longer valid. Data held by Fortune 500 2
  • 5. companies can no longer be measured in single or ad hoc process changes. In Booz Allen’s view, terabytes and typically exists in multi-petabyte enterprises should implement a strategic information heterogeneous storage environments spread out management program by first classifying data to across global networks. There are multiple silos of help reduce their corporate risk exposure, decrease information, in many cases governed by data stewards information discovery times, improve compliance with authority to create their own policies based on status, and potentially realize significant cost savings regional or departmental priority. through an effective data disposal program. There are substantial synergies between information Most companies do not have adequate management and other enterprise-wide shared services, including access management, data processes or technologies to manage their leakage protection, records management, litigation unstructured data. 75% said they were support, storage management, governance, risk, concerned that their unstructured data was and compliance. Our comprehensive approach growing too rapidly. 63% said they did not have takes a holistic view of key business processes and data protection controls as assessed against our adequate systems to manage it. information management adoption model in Exhibit 1. - Computerworld survey of 250 large companies on data management New rules and regulations governing how data must be stored, secured, transferred, retained, disposed of, and used will encourage many businesses to emulate On average, most large corporations now have over the standard set by US military and intelligence 240 terabytes of storage, of which some 80 terabytes communities in establishing a classification schema. may be subject to significant requirements for information protection, such as access and lifecycle Exhibit 1 | The Booz Allen Strategic Information controls. Relevant and supporting enterprise policies Management Model (SIMM) or solutions for meeting those requirements are often immature and insufficient. The digital data, and its management requirements, have simply grown Data Classification too fast for most companies to build an effective Policy & Procedures information management strategy that can meet Data Information Leakage Handling business objectives. Preventive Policy & Program Procedures Continuing to neglect these challenges may result in: Strategic adverse legal judgments for failing to meet Federal Information Rules of Civil Procedure (FRCP) guidelines; penalties; Access Management Data Retention Management Model & Disposal and lost business resulting from data privacy Program Policy & Procedures breaches, or loss of trade secrets that could diminish a company’s competitive edge. Effectively employing Electronic Automated Discover Data an information management strategy may be the single (eDiscovery) Disposal largest priority for Fortune 500 companies over the Program Program next 3 years. Answering the Challenge Gaining control of corporate information assets will Source: Booz Allen Hamilton not be accomplished through technology solutions 3
  • 6. For almost a century, Booz Allen Hamilton has assisted federal agencies and commercial companies in building strategies to streamline their operations and gain a competitive advantage. More recently, Booz Allen has helped to pioneer strategies for large organizations to solve enterprise problems related to records management and information security. This unique experience and expertise has never been more relevant for commercial companies with global operations. Effective Information Management Through Strategic Data Classification The majority of data and privacy breaches are avoidable. Traditionally, organizations have applied a network-centric focus to securing systems, based on defined confidentiality levels for storing and processing data. While still a necessary component, a more information-centric approach is needed today. Better control and protection of confidential and sensitive information first requires an awareness of where the data is stored and how it is protected. Booz Allen’s methodology conveys the complexities of information management in simple business terms: • Discovery: Once classifications are defined, storage • Know what information you have managers should identify known storage areas and query for unknown storage devices. • Know where you have it • Data Mapping: Detailed data maps should then be • Know what information you have to keep created to formally document leading data flows and • Know why you have to keep it their associated classifications. • Keep it only as long as you need to—dispose • Analysis: During this critical phase, stakeholders of everything else should perform a detailed review and evaluation to identify violations and conflicts between corporate Booz Allen’s strategic approach to building and policies and user practices as related to executing a data classification program, as illustrated information handling. in Exhibit 2, is derived from a logical and comprehensive workflow. • Strategic Realignment Plan: Based on the outcomes from the previous phases, remediation • Classification Schema Definition: Prior to classifying recommendations should be developed using unstructured data, business owners must first risk-based methodologies to create a strategic determine the levels of classification (Confidential, plan to realign both administrative policies and Restricted, Public, etc.) and what attributes user practices. This should include an information constitute each of the levels (SSN, credit card security control enhancement plan to mitigate the number, financial information, protected health identified deficiencies. information, etc.). 4
  • 7. Exhibit 2 | Data Classification Assessment Methodology Strategic Classification Schema Discovery Data Mapping Analysis Realignment Definition Plan Source: Booz Allen Hamilton Applying Booz Allen’s business-centric approach to Booz Allen has helped customers at various stages data protection through strategic data classification of the planning and buying cycle. While some clients is an essential element in corporate risk reduction continue to struggle to assemble internal project efforts. This approach will reduce risk, improve teams, others have matured their programs to include compliance, speed information discovery, and—through high automation. Booz Allen offers services at all levels data disposal of expired files—decrease costs. of the adoption cycle and specializes in translating business requirements to policy definitions and Conclusion recommendations for enterprise solutions. Storage capacities are growing exponentially, Discerning business leaders rely on Booz Allen exacerbating the number and severity of data breaches to deliver quality results to help resolve their and other security issues. Whether due to hackers complex business challenges. Leveraging our or employees, companies are at risk of losing or team of experienced cybersecurity experts, proven compromising information assets on a daily basis. In methodologies, and a reputation built on decades of this difficult economic environment, companies need success, Booz Allen works as your trusted advisor to to consider a comprehensive, strategic approach to help protect your business with enduring results. information management through data classification. With decades of relevant experience, Booz Allen Hamilton is the most qualified partner to help drive the adoption of government best practices and proven methodologies for information security and management in the commercial sector. 5
  • 8. About the Author Glen Day is a Principal in Booz Allen Hamilton’s Contact Booz Allen to learn more about our Los Angeles office who leads the firm’s cyber security Cyber Security Strategic Approach. and privacy services for commercial healthcare. Glen works with our clients to mature and optimize their Security Testing security and privacy programs to effectively protect Data their IT assets and meet compliance mandates. ISO/IEC 27001 Classification Security Cyber Previously, as Los Angeles County’s first Chief Privacy Program Security Strategy Officer, he was responsible for the development and implementation of HIPAA’s privacy policies and Assessment Identity & practices, working across several departments and & Inventory Access Management Management hospitals to drive the county's health privacy excellence. Glen also has held executive positions for IT operations and cyber security at various start-ups, and is a retired Commander from the US Navy. He earned his MS in Information Management from the Naval Postgraduate School and his BS in Applied Mathematics from the University of Southern California. Contact Information: Sources Glen Day Claburn, Thomas, “Heartland Payment Systems Hit by Data Security Breach,” InformationWeek, January 20, 2009 Principal, CISSP, CISM Cyber Security & Privacy Enterprise Strategy Group, Extending Discovery to All Corporate day_glen@bah.com Information, December 2007 310/297-2120 IDC, The Diverse and Exploding Digital Universe, March 2008 6
  • 9. About Booz Allen Booz Allen Hamilton has been at the forefront of information technology, systems engineering, and strategy and technology consulting for 95 years. Every program management, Booz Allen is committed to day, government agencies, institutions, corporations, delivering results that endure. and infrastructure organizations rely on the firm’s With 20,000 people and $4 billion in annual revenue, expertise, and objectivity, and on the combined Booz Allen is continually recognized for its quality capabilities and dedication of our exceptional people work and corporate culture. In 2009, for the fifth to find solutions and seize opportunities. We combine consecutive year, Fortune magazine named Booz Allen a consultant’s unique problem-solving orientation one of “The 100 Best Companies to Work For,” and with deep technical knowledge and strong execution Working Mother magazine has ranked the firm among to help clients achieve success in their most critical its “100 Best Companies for Working Mothers” missions. Providing a broad range of services in annually since 1999. strategy, operations, organization and change, To learn more about the firm and to download digital versions of this article and other Booz Allen Hamilton publications, visit www.boozallen.com. 7
  • 10. Principal Offices ALABAMA KANSAS OHIO Huntsville Leavenworth Dayton CALIFORNIA MARYLAND PENNSYLVANIA Los Angeles Aberdeen Philadelphia San Diego Annapolis Junction San Francisco Lexington Park SOUTH CAROLINA COLORADO Linthicum Charleston Colorado Springs Rockville TEXAS Denver MASSACHUSETTS Houston FLORIDA Boston San Antonio Pensacola Sarasota MICHIGAN VIRGINIA Tampa Troy Arlington Chantilly GEORGIA NEBRASKA Falls Church Atlanta Omaha Herndon HAWAII NEW JERSEY McLean Honolulu Norfolk Eatontown Stafford ILLINOIS NEW YORK O’Fallon WASHINGTON, DC Rome The most complete, recent list of office addresses and telephone numbers can be found on www.boozallen.com by clicking the “Offices” link under “About Booz Allen.” www.boozallen.com ©2009 Booz Allen Hamilton Inc. BAH-083 Viewpoint