3. YOU CAN BE IF YOU...
ARE ACCOUNTABLE TO
THE BUSINESS
PERFORM DUE DILIGENCE
TURN DATA INTO
ACTIONABLE INSIGHT
4. ACCOUNTABLE
TO THE BUSINESS?
YES, THROUGH STRATEGY.
Relate your security efforts
to your business – organizational
objectives, industry context,
compliance requirements, critical
assets, business processes and risks
you’re willing to take.
5. DUE DILIGENCE?
YES, BY INVOLVING
THE BUSINESS.
Interview the people on the front lines
of the business, the ones who own
process. They know what business-
critical data really is and what really
has value.
Ask them, “If someone were to come
in and steal something from you, what
would freak you out the most?
What would have the most impact
on YOUR line of business?”
6. DATA INTO ACTIONABLE
INSIGHT? YES, YOU’LL
BECOME MORE AWARE
AND MAKE BETTER DECISIONS.
When you get to the right data,
you’ll have understanding and visibility.
In other words, AWARENESS.
When you take everything you know
and learn, focus and prepare, you’ll
have better control and the foundation
for resiliency. In other words,
INTELLIGENCE.
7. SO HOW DO YOU
GET THERE?
It’s not a destination,
rather a constant
iteration.iteration.
8. IT’S BUILDING
CAPABILITIES.
You don’t have to be
a superstar in all of
them. But you should
be doing all of them.
Capabilities
Bu
ild Pr
epare
Oper
ate
Resp
ond
9. IT’S WORKING
TOWARD DEFINED
OUTCOMES —
strategic, proactive,
ongoing and
restored security
Capabilities
Outcomes
Bu
ild Pr
epare
Oper
ate
Resp
ond
Str
ategic Pro
active
Ongoi
ng
Resto
red
18. THINK
ABOUT THIS:
if you have great operations,
but your strategy is off, you’re
probably going to fail to achieve
business outcomes and protect
critical assets.
19. YOU CAN HAVE
AWESOME
STRATEGY AND
OPERATIONS,
but without the ability to
respond, you’ll probably kick
yourself if something does
happen.
27. WHAT’S THE VALUE
OF MATURITY?
In security, a lot.
■ You’ll be realizing business outcomes more
consistently
28. WHAT’S THE VALUE
OF MATURITY?
In security, a lot.
■ You’ll be realizing business outcomes more
consistently
■ You’ll be more aware
29. WHAT’S THE VALUE
OF MATURITY?
In security, a lot.
■ You’ll be realizing business outcomes more
consistently
■ You’ll be way more aware
■ That big, bad breach won’t seem so big
and bad after all
30. WHAT’S THE VALUE
OF MATURITY?
In security, a lot.
■ You’ll be realizing business outcomes more
consistently
■ You’ll be way more aware
■ That big, bad breach won’t seem so big
and bad after all
■ You’ll constantly be getting better
31. WHAT’S THE VALUE
OF MATURITY?
In security, a lot.
■ You’ll be realizing business outcomes more
consistently
■ You’ll be way more aware
■ That big, bad breach won’t seem so big
and bad after all
■ You’ll constantly be getting better
■ You’ll have the info you need to change
your strategy, how you operate and
what you test for
32. WHAT’S THE VALUE
OF MATURITY?
In security, a lot.
■ You’ll be realizing business outcomes more
consistently
■ You’ll be way more aware
■ That big, bad breach won’t seem so big
and bad after all
■ You’ll constantly be getting better
■ You’ll have the info you need to change
your strategy, how you operate and
what you test for
■ And you’ll be kicking some
benchmarking butt
35. CALL TELUS.
NOT the phone guys.
The security experts.
Yes, the security experts.
US.
36. We have really
strong capabilities
to help you build,
prepare, operate
and/or respond.
JUST ASK IDC!
IDC recognized TELUS as a
leader in the managed security
services market in Canada.
37. Don’t believe the phone guys are also
the security pros? Check out what we offer.
Stage Customer
Responsibilities
Security Services Outcomes
Build
Identify business need, determine risk
tolerance, develop governance and
management frameworks, build security
roadmap, align budgets, develop strategy,
determine resources, align tactical controls
to business needs, identify required controls
and associated capabilities, compare
options, design security infrastructure/
architecture, deploy tactical controls.
■ Security Governance Review
■ Security Framework
Optimization
■ Design and Architecture
■ Controlled Delivery
Strategic Security – sound security
investments, risk management,
reasonable controls
Prepare
Monitor compliance with regulatory and
internal standards, monitor policy framework,
threat and vulnerability testing, demonstrate
the evidence
■ Security exposure identification
■ Validation of existing controls
■ Recommendations for
exposure resolution
Proactive Security – the security
that was built and that is operating
is working as intended; insight to
amend policies, procedures and
controls to get to adequate and
effective security
Operate
Program management, monitor activity,
track incidents (trends and metrics), detect
anomalies and malicious threats, counteract
threats (technical or procedural controls),
security status reporting (metrics).
■ Next Gen Firewalls
■ IPS
■ SIEM
■ Email & Web Security
■ Security Monitoring & IA
■ Program Management
Ongoing Security -- auditable,
repeatable, outcome-focused
security that enables continuous
improvement
Respond
Restore security, respond to cyber
risk, remediate, perform retrospective,
communications plan, revisit security
strategy.
■ Forensic Investigation
■ Data analysis
■ Incident handling and recovery
■ Damage assessment
Restored Security – back to
business and more resilient, aware
security
38. WE CAN PROVIDE THE ELEMENTS OF A MATURE SECURITY PRACTICE,
AND DO PROVIDE ALL OF THE ELEMENTS FOR MANY ORGANIZATIONS.
39. WE CAN PROVIDE THE ELEMENTS OF A MATURE SECURITY PRACTICE,
AND DO PROVIDE ALL OF THE ELEMENTS FOR MANY ORGANIZATIONS.
Why? Because we have: track record
(proven approaches and solutions);
partnership (learn, fail and win with you); substance (all
this great security stuff from ONE provider);
specialists (recognized experts with specific focus).
40. WE CAN PROVIDE THE ELEMENTS OF A MATURE SECURITY PRACTICE,
AND DO PROVIDE ALL OF THE ELEMENTS FOR MANY ORGANIZATIONS.
Why? Because we have: track record
(proven approaches and solutions);
partnership (learn, fail and win with you); substance (all
this great security stuff from ONE provider);
specialists (recognized experts with specific focus).
And most importantly: WE’VE BEEN THERE.
We’ve been where you are, doing what you’re doing –
we’ve faced the day-to-day realities of what we’re selling.
41. SECURITY TRULY IS A JOURNEY.
AND EVERYONE MATURES AT A DIFFERENT RATE.
We can help to guide your journey.
To be aware. To be intelligent. To be resilient. To be prepared.
42. SECURITY TRULY IS A JOURNEY.
AND EVERYONE MATURES AT A DIFFERENT RATE.
We can help to guide your journey.
To be aware. To be intelligent. To be resilient. To be prepared.
■ It’s more than a product or a service
43. SECURITY TRULY IS A JOURNEY.
AND EVERYONE MATURES AT A DIFFERENT RATE.
We can help to guide your journey.
To be aware. To be intelligent. To be resilient. To be prepared.
■ It’s more than a product or a service
■ It’s more specialist than generalist
44. SECURITY TRULY IS A JOURNEY.
AND EVERYONE MATURES AT A DIFFERENT RATE.
We can help to guide your journey.
To be aware. To be intelligent. To be resilient. To be prepared.
■ It’s more than a product or a service
■ It’s more specialist than generalist
■ It’s finding the gaps and filling them
45. SECURITY TRULY IS A JOURNEY.
AND EVERYONE MATURES AT A DIFFERENT RATE.
We can help to guide your journey.
To be aware. To be intelligent. To be resilient. To be prepared.
■ It’s more than a product or a service
■ It’s more specialist than generalist
■ It’s finding the gaps and filling them
■ It’s partnering. It’s speaking the same language
46. SECURITY TRULY IS A JOURNEY.
AND EVERYONE MATURES AT A DIFFERENT RATE.
We can help to guide your journey.
To be aware. To be intelligent. To be resilient. To be prepared.
■ It’s more than a product or a service
■ It’s more specialist than generalist
■ It’s finding the gaps and filling them
■ It’s partnering. It’s speaking the same language
■ It’s more than a sale. It’s making the right short-term
decisions for the right long term outcomes
47. SECURITY TRULY IS A JOURNEY.
AND EVERYONE MATURES AT A DIFFERENT RATE.
We can help to guide your journey.
To be aware. To be intelligent. To be resilient. To be prepared.
■ It’s more than a product or a service
■ It’s more specialist than generalist
■ It’s finding the gaps and filling them
■ It’s partnering. It’s speaking the same language
■ It’s more than a sale. It’s making the right short-term
decisions for the right long term outcomes
■ It’s TELUS Security Solutions. One security provider.
One focus. Making sure you’re prepared for the inevitable
48. Become more aware, resilient and prepared.
Find out more at telus.com/talkssecurity