Run the business. Not the risks.

Transcription

1 Run the business. Not the risks.

2

3 RISK-RESILIENCE FOR THE DIGITAL BUSINESS Cyber-attacks are a known risk to business. Today, with enterprises becoming pervasively digital, these risks have grown multifold. The adoption of IoT has significantly expanded the vulnerable digital surface, while the cloud has greatly extended the enterprise s perimeters. This has made the traditional approach to enterprise security inadequate. A new approach that s more cohesive and unified is needed to boost enterprise security, so business can be conducted with confidence. Our integrated approach to enterprise security helps you focus on the needs of your business, while we manage the risks of an increasingly sophisticated threat environment. We bring the advantages of best of breed product partnerships, best practices, expert talent, deep industry insights and offer it all to you with the commercial flexibility you need to benefit from noiseless security operations.

4 WE ADVISE-TRANSFORM-MANAGE TO DELIVER RISK-RESILIENCE Assess security posturing needs Support board-level security conversations Architect application & infrastructure security blueprint Advice & prepare roadmap for compliance readiness ADVISE TRANSFORM Secure identities, assets, data & applications Expand security radius beyond enterprise perimeters to the Cloud Automate programmed responses to behavior Unify security & risk reporting for CISOs Comply with emerging security standards Deliver 24X7 security operations as managed service Minimize cap-ex with security-as-a-service Deliver security intelligence leveraging user consortiums MANAGE

5 FROM ADVISORY TO ARCHITECTURE TO TRANSFORMATION AND SECURITY OPERATIONS, NAVIGATE THE CYBER SECURITY LANDSCAPE IDENTITY & ACCESS MANAGEMENT APPLICATION SECURITY DATA PRIVACY & SECURITY GOVERNANCE, RISK & COMPLIANCE INFRASTRUCTURE & CLOUD SECURITY Identity Governance Access Management Privileged Account Management (PAM) Vulnerability Management Application Security Testing Penetration Testing Secure SDLC Data Discovery & Classification Data Masking Data Loss Prevention (DLP) Data Encryption Digital Rights Management Data Monitoring Risk Management Vendor Risk Management Compliance Management (GDPR, PCI DSS, FFIEC, SOX, Privacy Laws, GLBA, SSAE 16 / SAS 70, COBIT) Perimeter and Network Security Endpoint Security Security Incident & Event Management (SIEM) Cloud Security Assessment, Advisory and Compliance

6 SERVICES ACROSS THE CYBER SECURITY LANDSCAPE Identity and Access Management Our enterprise-scale services include both processes and technologies to securely manage identities and access privileges for users. Our advanced capabilities in biometrics, IoT and robotic process help you deliver greater value through effective user relationship management. Application Security We can help you with end-to-end, secure development and operations to build, run and maintain your applications. This means vastly improving the resilience your core enterprise applications and other critical business platforms. Data Privacy and Security The unmatched experience of our data security strategists, will help you assess risks and protect your valuable data assets. From business-driven, risk management strategies to operating models and compliance plans aligned with your unique business needs our services cover it all. Governance, Risk and Compliance We make it easier for your business to meet its risk mitigation and compliance goals through effective information security audits for risk assessment, implementation of robust information security policies and practices along with automation of these processes. Infrastructure and Cloud Security Achieve better security in a virtualized environment. From basic regulatory compliance to futuristic converged security solutions, we offer end-to-end solutions in the areas of data, applications, infrastructure, and cloud security.

7 WE BRING TO YOUR BUSINESS THE EXPERTISE, EXPERIENCE AND COLLABORATIONS THAT COUNT WHEN WORKING ON COMPLEX CYBER SECURITY MANDATES Professional Talent 800+ in Identity and Access Management 300+ in Risk and Compliance 200+ in App & Data Privacy/ Security 400+ in Infrastructure and Cloud Security Transformation Program Expertise Complex implementations across: Americas: 120+ Europe: 50+ Rest of World: 20+ Analyst Validation Infosys was the only global system integrator to be named a Major Player in the IDC MarketScape. US Emerging Managed Security Services 2016 Vendor Assessment Infosys use of cognitive automation to detect threats faster and do more predictive threat modelling was a key factor in the firm s inclusion in the Winner s Circle. Infosys clients also reported high satisfaction with the provider s delivery and expertise Managed Security Services HfS Blueprint Ecosystem of Strategic Partners

8 WE DELIVER VALUE TO OUR CLIENTS BY HELPING THEM FOCUS ON BUSINESS EMPOWERMENT, SECURELY MOVED A LARGE WEALTH MANAGEMENT COMPANY TO A HYBRID CLOUD Delivered continuous audits, risk management & governance to implement information security controls ENABLED SECURE ACCESS FOR DIGITALLY CONNECTED VEHICLES WITH ~4M USER BASE Leveraged identity & access management to introduce advanced authentication for mobile and social access DELIVERED IDENTITY AS A SERVICE FOR AN ENERGY AND SERVICES COMPANY Drove PCI, ISO compliance, with end to end ownership for SLAs covering applications, infrastructure and network Reduced TCO and time to market by 40% Reduced incidents by 15%, manual efforts by 85%. Increased system availability Supported a user base of nearly 60K users across Europe and the U.S

9 WHILE WE MANAGE THE RISKS PROVIDED UNIFIED VULNERABILITY MANAGED SERVICES FOR TECHNOLOGY LEADER Delivered application & infrastructure management for 20+ product lines and 200+ applications. PCI & SOX compliance implemented REDUCED THREAT EXPOSURE FOR AN AMERICAN POST-TRADE FINANCIAL SERVICES FIRM Established an application security CoE for penetration testing of critical web applications. SET UP IT INFRASTRUCTURE SECURITY FOR AN AGRICULTURAL MANAGEMENT PIONEER Migrating users and applications from the parent company as a part of a demerger program Increased operational efficiencies by ~30% Reduced threat exposure, data loss risk and damage to brand reputation Reduced time to value from 3 weeks to 3 days with automated provisioning

10 ONLY INFOSYS HELPS YOU GET SECURE AND COMPLIANT WITH A BIG PRODUCTIVITY ADVANTAGE Infosys Cyber Security Platform We bring the power of Artificial Intelligence to automate routine security operations. The platform codifies that knowledge and provides insights that drive predictive security. This, in turn, also boosts people productivity and creates bandwidth for people to apply to problemfinding and innovation. The Infosys integrated approach We ensure digital data is managed in a proactive way across the service chain of people, systems, and processes, so security initiatives don t remain locked in ineffective silos. Right-skilling for results We orient governance to source expertise from all available sources, both internally and externally, to address capability gaps. We also bring to ongoing engagements continuous learning from new, complex implementations, use cases and evolving security practices.

11 GETTING STARTED Discover how the Infosys approach to cyber security can work for you (in 2-3 hours) Review the value that Infosys can bring to your digital trust quotient. Participate in a discussion to uncover capabilities and the potential path to value for your enterprise. Ask for a cyber security value discovery workshop (in 1-2 days) Value assessment to discover your current IT and business landscape, associated problem statements and identify tangible opportunities for value creation through Infosys cyber security.

12 For more information, contact 2017 Infosys Limited, Bengaluru, India. All Rights Reserved. Infosys believes the information in this document is accurate as of its publication date; such information is subject to change without notice. Infosys acknowledges the proprietary rights of other companies to the trademarks, product names and such other intellectual property rights mentioned in this document. Except as expressly permitted, neither this documentation nor any part of it may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, printing, photocopying, recording or otherwise, without the prior permission of Infosys Limited and/ or any named intellectual property rights holders under this document. Infosys.com NYSE: INFY Stay Connected