DIGITAL TRUST AT THE CORE

Similar documents
SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

FOR FINANCIAL SERVICES ORGANIZATIONS

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

THE ACCENTURE CYBER DEFENSE SOLUTION

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Data Management and Security in the GDPR Era

Continuous protection to reduce risk and maintain production availability

locuz.com SOC Services

COST OF CYBER CRIME STUDY INSIGHTS ON THE SECURITY INVESTMENTS THAT MAKE A DIFFERENCE

Run the business. Not the risks.

Ο ρόλος της τεχνολογίας στο ταξίδι της συμμόρφωσης με τον Γενικό Κανονισμό. Αντιγόνη Παπανικολάου & Νίκος Αναστόπουλος

Securing Your Digital Transformation

AKAMAI CLOUD SECURITY SOLUTIONS

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

Accelerate Your Enterprise Private Cloud Initiative

MATURE YOUR CYBER DEFENSE OPERATIONS with Accenture s SIEM Transformation Services

SOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

Background FAST FACTS

Security-as-a-Service: The Future of Security Management

Cisco Start. IT solutions designed to propel your business

Oracle Database Security Assessment Tool

Teradata and Protegrity High-Value Protection for High-Value Data

IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT

Symantec Security Monitoring Services

SOLUTIONS BRIEFS. ADMINISTRATION (Solutions Brief) KEY SERVICES:

Best Practices in Securing a Multicloud World

CipherCloud CASB+ Connector for ServiceNow

IBM Security Guardium Analyzer

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

SIEMLESS THREAT MANAGEMENT

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

align security instill confidence

AUSTRALIA Building Digital Trust with Australian Healthcare Consumers

HP Fortify Software Security Center

SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

THE JOURNEY OVERVIEW THREE PHASES TO A SUCCESSFUL MIGRATION ADOPTION ACCENTURE IS 80% IN THE CLOUD

TRUE SECURITY-AS-A-SERVICE

hidglobal.com HID ActivOne USER FRIENDLY STRONG AUTHENTICATION

INTELLIGENCE DRIVEN GRC FOR SECURITY

to Enhance Your Cyber Security Needs

Industrial Defender ASM. for Automation Systems Management

ORACLE SERVICES FOR APPLICATION MIGRATIONS TO ORACLE HARDWARE INFRASTRUCTURES

Accelerate GDPR compliance with the Microsoft Cloud

MITIGATE CYBER ATTACK RISK

Overview. Business value

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI

Avanade s Approach to Client Data Protection

Automating the Top 20 CIS Critical Security Controls

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

Transforming Security from Defense in Depth to Comprehensive Security Assurance

EU General Data Protection Regulation (GDPR) Achieving compliance

Virtustream Cloud and Managed Services Solutions for US State & Local Governments and Education

Cyber Risk Program Maturity Assessment UNDERSTAND AND MANAGE YOUR ORGANIZATION S CYBER RISK.

GDPR Update and ENISA guidelines

10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS

Incident Response Services

IT Consulting and Implementation Services

Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF)

Data Security and Privacy Principles IBM Cloud Services

HIPAA Regulatory Compliance

Symantec Enterprise Support Services Manage IT Risk. Maximize IT Performance.

Keys to a more secure data environment

GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ

eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments

May the (IBM) X-Force Be With You

RSA RISK FRAMEWORKS MAKING DIGITAL RISK MANAGEABLE

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.

SIEMLESS THREAT DETECTION FOR AWS

Have breaches declined since the massive Heartland Payments leak in 2008? What proportion of breaches are the result of hacking?

Putting security first for critical online brand assets. cscdigitalbrand.services

Meeting PCI DSS 3.2 Compliance with RiskSense Solutions

A Comprehensive Guide to Remote Managed IT Security for Higher Education

Incident Response Services to Help You Prepare for and Quickly Respond to Security Incidents

Secure Access & SWIFT Customer Security Controls Framework

CYBER RESILIENCE & INCIDENT RESPONSE

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Information Technology Security Plan Policies, Controls, and Procedures Identify Governance ID.GV

SELLING YOUR ORGANIZATION ON APPLICATION SECURITY. Navigating a new era of cyberthreats

STOPS CYBER ATTACKS BEFORE THEY STOP YOU. Prepare, recognize, and respond to today s attacks earlier with Verizon Security Solutions.

Twilio cloud communications SECURITY

Fabrizio Patriarca. Come creare valore dalla GDPR

Data Privacy in Your Own Backyard

Choosing the Right Solution for Strategic Deployment of Encryption

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Data Virtualization Implementation Methodology and Best Practices

A company built on security

DEVELOP YOUR TAILORED CYBERSECURITY ROADMAP

MySQL CLOUD SERVICE. Propel Innovation and Time-to-Market

Protecting your data. EY s approach to data privacy and information security

Customer Breach Support A Deloitte managed service. Notifying, supporting and protecting your customers through a data breach

THE STATE OF MEDIA SECURITY HOW MEDIA COMPANIES ARE SECURING THEIR ONLINE PROPERTIES

ACCENTURE & COMMVAULT ACCENTURE CLOUD INNOVATION CENTER

GDPR: A QUICK OVERVIEW

PROTECT AND AUDIT SENSITIVE DATA

Symantec Data Center Transformation

DATACENTER SERVICES DATACENTER

Transcription:

DIGITAL TRUST SECURING DATA AT THE CORE

MAKING FINANCIAL SERVICES SECURE FOR WHEN, NOT IF, YOUR COMPANY IS ATTACKED Average total cost of a data breach in 2015 $3.79M 1 2 Securing Data at the Core

Financial services companies face some of the biggest risks from cyber attacks and data security breaches. The list of banks and other financial companies that have been hit by security incidents grows longer every year, and the cost in penalties, productivity loss, and lost revenue continues to mount. Last year, the average total cost of a data breach hit $3.79 million, a 23% increase over the previous year, which translates to about $170 per stolen record. 1 It s well known that fixing security breaches after they happen costs far more than building adequate cyber defenses in the first place. But even if you manage to repel intruders, system performance can lag when your systems are under attack, slowing operations and sapping staff productivity. Not surprisingly, business and security executives are under increasing pressure to deploy comprehensive and vigorous security measures to counter the rising threats. Top of mind for these executives is achieving resilience the ability to react proactively to ensure business continuity and they have made this a key part of their business strategy. These days, attacks can come from anywhere from staff inside the company with higher-level access privileges, and from criminals on the outside who use social engineering tactics to gain entrance into your systems. Just because you run Oracle databases and applications doesn t mean your business is immune to attacks and breaches. Remarkably, many security executives, including CISO, CTO, CDO and CIOs, are unaware of whether their company s Oracle databases are completely secure, or what kind of additional enhancements they might need to comprehensively detect and defend against attacks. Even companies that have access to advanced Oracle database security technologies often don t use them until it s too late. 1 Source: Ponemon Institute 2015 Cost of Cyber Crime Study: Global #DigitalTrust 3

THE MODERN SECURITY LANDSCAPE $170 2 $3.79 3 MILLION 2,122 2 55% 3 40% 3 average cost average confirmed of insider of insider per lost or total cost of data breaches misuse is abuse misuse stolen record, data breach of privilege by motivated by per 2015 based on 350 those already financial gain information companies in trusted role from 11 countries 2 Source: 2015 Cost of Cyber Crime Study Global Ponemon Institute. 3 Source: 2015 Data Breach Investigations Report Verizon. WHY DATABASE SECURITY? Increase in vulnerabilities related to databases, and internal users having access to data Perimeter/network security alone is not enough WHAT SHOULD SECURITY EXECUTIVES BE CONCERNED ABOUT? Do the IT policies adhere to industry standards with regards to database security? What measures are in place to protect from unauthorized access or misuse by privileged users? What measures are in place to protect from data corruption and unrecoverable and intentional damage to data? 4 Securing Data at the Core

ACCENTURE S APPROACH As an Oracle Global Cloud Elite partner, Accenture leverages a portfolio of security strategies, including defense-indepth and perimeter security solutions, to help financial organizations lower risk and build an IT infrastructure that proactively protects against the most sophisticated and constantly changing security threats. Working with Oracle, we have developed a four-phase approach to design, build and maintain the strongest possible database security infrastructure for your enterprise. Accenture s full lifecycle approach can begin with discovering your current database security challenges and developing recommendations to mitigate threats. Next, we ll engineer a security model and technology solution tailored to your needs, then deploy the solution using Accenture s best practice methodologies and accelerators. Ongoing support and education complete our holistic approach to achieving the highest possible database security for our financial services clients. Accenture s Four Pillars of Oracle Database Security DISCOVERY ENGINEERING IMPLEMENTATION EDUCATION Pre-assessment Security & Pre-assessment Training Security Health Compliance Model Deployment/Run books Security Workshops Check Oracle Advanced Support Security Data Analysis (Level 1, 2, 3, 4) Publications Recommendations Third Party Applications OEM 12c Security Oracle Engineered Systems #DigitalTrust 5

START WITH A DATABASE SECURITY HEALTH CHECK How secure is your financial services enterprise? Accenture can help you find out using a proven security assessment process that often starts with a database health check to evaluate your environment and clarify where you are at risk. Our factory-based approach leverages accelerators and evaluation tools, as well as insights gained from hundreds of database assessments for financial services firms worldwide. All of Accenture s solutions for financial services clients are based on CI Security, PCI DSS, SOX/JSOX, NCUA and NIST Standards for critical infrastructure cybersecurity. A typical health check consists of three steps: DISCOVERY audits your database architecture and past security events, and provides preliminary findings. VALIDATION analyzes and confirms vulnerabilities in critical areas, such as user access, authentication, encryption, password practices, application security, separation of duties, patch validations, identifying columns with PII/PCI/PHI data, and more. REPORT AND RECOMMENDATIONS provides a summary of our findings and remediations for fixing vulnerabilities and reducing risk in short term, near term and long term durations. Are You GDPR Compliant? Financial services companies face tougher regulations aimed at protecting customer data from unauthorized disclosure. In April 2016, the European Union approved the General Data Protection Regulation (GDPR), which gives citizens of the EU greater control over their personal data. For companies, the risks of non-compliance are significant, including penalties for failing to rapidly notify customers when their data has been hacked. With EU privacy data valued at about 1 trillion, fines may be imposed up to 4% of annual revenue for non-compliance with the proper handling of this data. Accenture can help your company achieve full compliance with the GDPR and other regulations impacting financial services firms. Leveraging Oracle security solutions, we provide services to address encryption, psuedonymous data, erasure, limited access to data, risk assessment and the breach notification requirements of GDPR. 6 Securing Data at the Core

ENGINEERING YOUR SOLUTION Once you understand your potential security risks and our recommendations, Accenture can engineer the right solution based on your business requirements one that protects you today and stays current as new threats emerge. Every business is unique and has varying technical, industry and compliance environments that we factor into any solution we design. A typical solution design may consist of: A COMPREHENSIVE SECURITY AND COMPLIANCE MODEL that ensures the solution meets your business requirements and provides policies, procedures and standards for authentication, authorization, credential management, and privilege management. AN INTRUSION DETECTION SYSTEM (IDS) leverages technologies such as Oracle Audit Vault and Database Firewall to provide perimeter security with multiple levels of defense against threats. INTEGRATION OF EXISTING THIRD-PARTY APPLICATIONS such as single sign-on and authentication tools to ensure they adhere to your security framework and overall security model. ORACLE ADVANCED SECURITY solutions to provide data encryption, masking and redaction as well as identity management solutions to comply with privacy and regulatory mandates. Accenture is committed to helping our clients take advantage of the latest security technologies. Accenture s Financial Services group, for example, is investing in an innovative technology called blockchain that offers financial services companies powerful protection against hackers. Accenture also goes beyond traditional security strategies by adding new layers of security directly where the data is stored. Accenture is one of the only providers that currently delivers Oracle Audit Vault and Database Firewall as an appliance solution using low cost engineered systems to provide comprehensive defense-indepth solutions for Oracle databases. #DigitalTrust 7

The Oracle Engineered Systems Edge For financial services companies seeking the ultimate in database security, Accenture may recommend exploring a solution that employs Oracle Exadata, Oracle Public Cloud Appliance, Oracle Cloud Machine and Oracle SuperCluster. These systems are engineered with multiple layers of builtin security and are the highest performing and most available platforms for running large-scale Oracle databases and delivering cost-effective consolidation. Accenture s Exadata Sizing and Provisioning Tool provides methodologies and processes for accurately sizing Oracle Exadata platforms to meet current and future capacity requirements in both on premises and hybrid cloud environments. FLEXIBLE, ACCURATE IMPLEMENTATIONS Accenture can help turn your security solution design into reality and set up monitoring and governance processes that help keep your business secure and compliant over the long run. Our solutions, assets and practices adhere to CI Security and NIST standards, wherever applicable. Following a true 24/7/365 support model, our experienced global teams use proven implementation tools and methodologies to build, test and go live with your new security solution on a schedule and budget that makes sense for your business. Implementations may leverage: Pre-assessments and deployment of standard operating procedures documents to accelerate project implementations Perform proof of concept (POC) to validate the Oracle security solutions Leverage the Accenture Innovation Center for Oracle Engineered Systems for resolving incident escalations, building assets and research Global delivery centers to facilitate true follow-the-sun model Periodic security checks using Oracle Enterprise Management 12c Cloud Control to automatically monitor and validate security violations, outliers and issues 8 Securing Data at the Core

Accenture Foundation Platform for Oracle Accenture Foundation Platform for Oracle is a pre-built, pre-tested architecture for Oracle Fusion Middleware that enables clients to leverage development dollars more effectively and accelerate your database security implementation. The platform includes: Reference applications, guidelines, cookbooks, and templates Development accelerators Decision trees to speed decision-making and increase solution quality Build guides and curriculum to support development and maintenance requirements CONTINUING SUPPORT AND IMPROVEMENT Implementing a high-performance database security solution for your financial services company doesn t stop when it goes live. Accenture helps to make the implementation a continuing success with comprehensive training, workshops, and educational publications. Managed Services From day-to-day database administration to periodic upgrades, patching and tuning, Accenture offers ongoing managed services that help control costs while ensuring superior stability, scalability, performance and availability for your business over the long term. Leading financial services companies rely on Accenture to provide managed services to support their database security solutions. These services may include: Management and Coordination Monitoring and Alerting Incident, Problem, Change Management Quarterly Health Assessments Proof of Concept and Software Solutions, Validations Some clients ask Accenture to provide health checks on a quarterly schedule as part of an ongoing managed services program designed to continually monitor and improve data security across the enterprise. #DigitalTrust 9

WHY ACCENTURE Backed by 52,000 Oracle-skilled professionals, 16,000 infrastructure specialists and a 23-year track record of delivering large-scale data center transformations, Accenture is a pioneer in designing, building and running Oracle solutions at scale across the entire Oracle technology stack. Our world-class global delivery capabilities and flexible sourcing options give clients market-competitive prices that balance their needs, risk tolerance and budgets. Accenture s acquisition of Eniktec, a worldwide leader in Oracle Exadata implementations, expanded Accenture s Oracle Engineered Systems capabilities to optimize servicing global clients. For additional information, contact: CHAITANYA GEDDAM Practice Director, Accenture Operations chaitanya.geddam@accenture.com 10 Securing Data at the Core

As the risk and costs of security failures continues to escalate in our increasingly complex digital ecosystems, database security has become a number one priority for CISOs at financial services organizations. Accenture and Oracle offer one of the most robust security solutions for helping protect vital information assets, defense-in-depth solutions, reduce the risk of data breaches, and meet regulatory mandates. Chaitanya Geddam Practice Director, Accenture Operations #DigitalTrust 11

ABOUT ACCENTURE Accenture is a leading global professional services company, providing a broad range of services and solutions in strategy, consulting, digital, technology and operations. Combining unmatched experience and specialized skills across more than 40 industries and all business functions underpinned by the world s largest delivery network Accenture works at the intersection of business and technology to help clients improve their performance and create sustainable value for their stakeholders. With more than 394,000 people serving clients in more than 120 countries, Accenture drives innovation to improve the way the world works and lives. Visit us at www.accenture.com. ABOUT ORACLE With more than 420,000 customers, and with deployments across a wide variety of industries in more than 145 countries, Oracle offers a comprehensive and fully integrated stack of cloud applications, platform services, and engineered systems. For more information about Oracle (NYSE:ORCL), visit oracle.com. This document is produced by consultants at Accenture as general guidance. It is not intended to provide specific advice on your circumstances. If you require advice or further details on any matters referred to, please contact your Accenture representative. This document makes descriptive reference to trademarks that may be owned by others. The use of such trademarks herein is not an assertion of ownership of such trademarks by Accenture and is not intended to represent or imply the existence of an association between Accenture and the lawful owners of such trademarks. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. Copyright 2017 Accenture All rights reserved. Accenture, its logo, and High Performance Delivered are trademarks of Accenture. 171576U

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback