Converged security. Gerben Verstraete, CTO, HP Software Services Colin Henderson, Managing Principal, Enterprise Security Products

Transcription

1 Converged security Gerben Verstraete, CTO, HP Software Services Colin Henderson, Managing Principal, Enterprise Security Products

2 Increased risk and wasted resources Gartner estimates more than $1B in IT spending is misallocated each year because of a lack of business line of sight impact.* That level of investment is unsustainable. *Gartner, Business Intelligence for IT: Integrating Operational and Security Intelligence 10/2011 2

3 Data breaches are trending up Source: 3

4 We are looking in the wrong place Research Infiltration Discovery Perimeter Controls Internal Controls Security spend Their ecosystem Capture Exfiltration Our enterprise 4

5 Challenges to overcome Lack of visibility into anomalies and threats across all enterprise data Chain reaction of not being able pinpoint problem source Comprehensive malicious code attacks Governance and compliance 5

6 IT Security IT Operations How do we bridge the gap? Budgets 6

7 Converged security 7

8 IT Security User provisioning Identity & access mgmt Database encryption Anti-virus, endpoint Firewall, security See everything Act IT Operations User Management App Lifecycle Mgmt Information Mgmt Operations Mgmt Network Mgmt See everything Understand context Proactive risk reduction 8

9 More than just a non-functional requirement but embedded in everything IT does EA PMO Testers Dev It Value chain Users LOB IT Ops IT Engineers Strategy to portfolio Requirement to deploy Request to fulfill Detect to correct Drive IT portfolio to business innovation Build what the business wants, when it wants it Catalog, fulfill, and manage services and track usage Anticipate and resolve service issues Plan Define Dev Build Test Deploy Release Operate 9

10 Continuous life cycle management Protect against cyber threats and data loss Proactive security Comply with government and regulatory mandates Automated compliance reporting Unsurpassed efficiencies Guaranteed service level Patch management User monitoring y Fraud monitoring Event correlation Data and analytics Controls monitoring App monitoring Operations management Log management 10 Configuration management

11 Where do I begin? 11

12 Key focus areas Security Asset Lifecycle Management Augmented Cyber Operations Security Compliance & Automated Remediation Secure Application Lifecycle Management 12 Analytics

13 Secure Asset Lifecycle Management Security Asset Lifecycle Management Augmented Cyber Operations Security Compliance & Automated Remediation Secure Application Lifecycle Management

14 Discovering and tracking infrastructure Let s add it, our users will love it! We could do it quick, there is really no impact That s a nifty little app Internet 14

15 Discovery and mapping Systems Risk profile Dependencies Service discovery Applications Compliance controls Security Active monitoring Configuration Vulnerability management 15

16 Augmented Cyber Security Operations Security Asset Lifecycle Management Augmented Cyber Operations Security Compliance & Automated Remediation Secure Application Lifecycle Management Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.

17 Augmented cyber operations Dashboards & analytics CMDB IT Operations Bridge Alerts & Intelligence Asset configuration context Security Operations Console Aggregation Correlation Visualization IT monitoring Security monitoring Data collection Operations events and performance data Security events and log data Applications Storage Mobile Cloud Clients Network Systems

18 Augmented cyber security operations Increase security analysis time to value Incorporate IT management tools typically used for managing service performance and availability Use existing IT tools to augment security team s capabilities Feed security information back into IT Operations for business impact and awareness 18

19 Security Compliance & Automated Remediation Security Asset Lifecycle Management Augmented Cyber Operations Security Compliance & Automated Remediation Secure Application Lifecycle Management

20 Keeping compliant Update and report Discover Remediate Determine current state Compare with desired state 20

21 Automated remediation Automated orchestration/remediation Augmented Cyber Operations Server automation Database & middleware automation Network automation Application automation Other IT Service Mgmt (ITSM) Monitor events & alerts Help desk, change requests and catalog services Configuration Management

22 Secure Application Lifecycle Management Security Asset Lifecycle Management Augmented Cyber Operations Security Compliance & Automated Remediation Secure Application Lifecycle Management

23 Secure application lifecycle Static Analysis Dynamic Analysis Runtime Analysis Actual attacks Source Code Management Static analysis via build integration Dynamic testing in QA or production Real-time analysis & protection of running application Hackers Remediation IDE Plug-ins (Eclipse, Visual Studio, etc.) Vulnerability Management Software Security Center Normalization (Scoring, guidance) Vulnerability Database Application Lifecycle Developers (onshore or offshore) Correlate target vulnerabilities with common guidance and scoring Correlation (Static, Dynamic, Runtime) Threat Intelligence Rules Management Defects, metrics and KPIs used to measure risk Development, project and management stakeholders

24 Bringing it all together

25 Executive Dashboard Key performance indicators Data Analytics Business driven decision making Integrated Cyber Operations Center SOC/NOC dashboards Event correlation Integrated service management workflows IT Operations Application performance System & network monitoring Event management CMS Security Operations SIEM Event correlation Analysis Security compliance & automated remediation Compliance management Policy management Automated remediation Discovery services Infrastructure & application discovery and mapping Asset & configuration management Application Lifecycle Management Requirements management Functional testing Performance testing 25

26 Introducing Converged Security Experience Workshop

27 Introducing the HP Integrated Security and Operations Workshop Lifecycle oriented Interactive Participatory Thought provoking No slides Visually engaging Consensus building

28 For more information Speak to our experts Visit the Guru Bar Located just next to us. Ask us about solving your most difficult challenges. After the event Read more at hp.com/go/convergedsecurity Contact your sales representative 28

29 Please give me your feedback Session 3054 Speakers Gerben Verstraete and Colin Henderson Please fill out a survey. Hand it to the door monitor on your way out. Thank you for providing your feedback, which helps us enhance content for future events. 29

30 Thank you

31