Security Diagnostics for IAM

Security Diagnostics for IAM: Strategies and Approaches
Rebecca Harvey, Brian Dudek
10/29/2018

Core Competencies: Our areas of expertise
- Cloud: Enable business innovation and transition to IT as a Service through reduced complexity, increased agility, and unified management.
- Data: Increase efficiency and agility while protecting data, minimizing recovery time, and deploying new technologies without disruption.
- Mobility: Increase productivity, simplify access, and improve collaboration without compromising security.
- Security: Reduce risk by shifting the focus from network security to a secure network, from datacenter to cloud to endpoint.

How Can We Provide Value?
Easy to engage
People like working with Data Strategy because of our approach to customer engagement. We listen first. We give unbiased advice based. And, we're easy to engage because we're local. This is what drives our goal to have the highest customer satisfaction in the industry.
Local support
- 350 Full Time Employees
- 160 Engineering Focused
- Nine office locations in seven-state territory
- Redundant NOCs
- Presales, design, and implementation
- Demo & POC facilities
- Technical integration

Combined Geographies (map legend: Trace3 Existing Regions; Trace3 New/Priority Regions; Data Strategy / Optio Data Region(s); Trace3 & Data Strategy)

Defense in Depth: Evolve, Adapt, Change, Survive
Secure Assets Implement Effective Policies and Procedures Create Multiple Layers of Security Protect Life Authenticate & Automate Access Control Intrusion Detection Countermeasures

The strength of your information protection strategy depends on your ability to:
- Understand weaknesses in the current approach to managing cybersecurity and protection of information within your purview;
- Implement improvements that benefit your organization;
- Demonstrate that you have the vision and capabilities to transition this strategy into operational reality;
- Manage this capability for the long term

Why a Program Assessment?
- Understand and document weaknesses in the current data protection program, including:
  - The scope of what should be considered;
  - The types of critical data requiring protection;
  - The current cybersecurity related operations; and
  - Assigned responsibilities of personnel
- Provide a sound strategy detailing what has to be achieved to improve the program to a baseline maturity level, with 20/20 vision of data protection programs that are currently in flight, have been completed or are planned.
- Identify and document changes, programs and technologies where required to comply with and achieve the expectations associated with your cybersecurity strategy;
- Design and create a cybersecurity improvement roadmap detailing the recommended project path to your target security state.

Security Program Assessment Components Cybersecurity Strategy Cybersecurity Operations Cybersecurity Monitoring, Response, & Recovery Cybersecurity Charter, Goals & Objectives Security Program Legal Support Cybersecurity Risk Incidental Cybersecurity Team Structure, Roles & Responsibilities GDPR, Regulatory & Internal Compliance Cyberthreat Configuration & Patch Intrusion Detection & Prevention Cybersecurity Policies, Standards, and Procedures Vulnerability Logging, Monitoring, & Alerting Application Security Compliance Tracking and Reporting Cybersecurity Architecture & Strategic Planning Identity & User Account GDPR Data Subject Data Data Classification & Privacy Business Continuity Security Program Assurance & Governance Asset VPN & Encryption Network & System Security GDPR Data Subject Request

The Importance of Network Penetration Testing: To Identify Gaps, Prioritize, and Roadmap Mitigation Steps

Vulnerability Assessment
- SCOPING: Limited
- SKILL LEVEL REQUIRED: Tutorial Needed
- OBJECTIVE: Broad scanning for information gathering
- TECHNIQUES: Fully automated using software which identifies publicly known vulnerabilities
- THREAT EMULATION: None
- REPORTING: Computer generated report with unverified information and no determination of business impact

Traditional Penetration Testing
- SCOPING: Limited to scan results
- SKILL LEVEL REQUIRED: Training Required
- OBJECTIVE: Utilize broad scanning to manually test a network for compliance driven needs
- TECHNIQUES: Driven by automation with penetration testers manually testing the findings uncovered by automated scanning
- THREAT EMULATION: Partial
- REPORTING: Computer generated report which is verified by penetration tester reducing the amount of false positives

Enhanced Red Teaming / Advanced Penetration Testing
- SCOPING: Comprehensive
- SKILL LEVEL REQUIRED: Advanced Degree Required
- OBJECTIVE: Uncover as many vulnerabilities as possible using the resources leveraged by real attackers
- TECHNIQUES: Human driven with a team of hackers focused on your network identifying vulnerabilities unique to your network
- THREAT EMULATION: Advanced Persistent Threat Emulation
- REPORTING: Narrative report with actionable remediation steps and verified intelligence determining the business impact of all findings

What's needed to Recover Quickly? INSIGHT Prioritize the incidents that matter using the best intelligence ACTION Streamline the response Enrich Incident Data Reputation Data Unify Views and Intel for All Key Tools Understand Context Global Malware Exchange One Click to Confirm Compromises Automate Correlation Attacker and Campaign Intel One Click to Take Action

Example of an Automated Threat Response Threat Intelligence Industry ISACs Open Source Intelligence Commercial Intelligence or TIP SIEM IDS/IPS, Firewall Email Security Malware Sandbox Alerts Collect, Group, Prioritize Enrich & Augment Threat Response Respond, Block, Quarantine Enforcement Controls Exchange, O365 Web Gateway IDS/IPS, Firewall Understand Verify Contain AD, Identity Mgmt. Active Directory AUTOMATED CONSISTENT INSTANT Custom Network Access

What is IAM?
"Identity and Access Management (IAM) is the security discipline that enables the right individuals to access the right resources at the right times for the right reasons." (Gartner)
- Identity Data
- User
- Identity Governance
- Access
- Advanced Analytics

Identity Data Authoritative Identity Stores vs Many Islands of Identity Groups, Profiles, Roles Decentralized or Centralized Identity Data Mapping, Consolidation, and Cleansing Workforce Identity vs Consumer Identity Directory (AD, LDAP, Database, Cloud, Virtual, EDirectory, Google)

User Concepts
- Birth-right provisioning
- Automated de-provisioning
- Access requests and approvals
- User registration
- Self service and Delegated Administration
- Contractor and Temp Worker
Benefits
- Improved efficiency and cuts administration costs
- Reduce user idle time
- Increase security by reducing orphaned accounts
- Increase compliance posture
- Centralize view of enterprise access

Access Concepts Single Sign-On (SSO) Internal apps SaaS, Cloud, eg. Office 365 Standard SAML, OpenID Connect Multi-Factor Authentication SMS, mobile app push Soft/Hard token, adaptive/risk Authentication Benefits Less usernames and passwords Better user experience Improved security

Privileged Access Management (PAM)
- Keys to the kingdom
  - Local administrators
  - AD domain users
  - Root on Unix
  - Database accounts
  - Cloud infrastructure accounts
- Principle of least privilege
- Password vault and automated password rotation
- Usage monitoring and recording
- AD bridge to Unix systems
- Application password integration

Identity Governance Concepts
- Access review and remediation for regulations such as SOX, HIPAA, GDPR, PCI, etc.
- Enterprise Role Definition
- Segregation of Duties
- Structured and Unstructured Data
Benefits
- Automate manual process
- Focus on high risk users
- Enforce SOD policies
- Centralize view of access

Advanced Analytics: Detect Compromised Accounts and Insider Threats
- Data Collection: firewall, application, SIEM, IAM, SaaS, etc.
- Processing: normal vs abnormal, policies, machine learning
- Alert: event-based, risk score, or thresholds
- Analysis: timeline, objects touched, and historical use
- Case: open, assign, remediate, close

Key IAM Areas and Recommended Vendors

No Magic Bullet

Security practice overview SECURITY LABS ADVISORY SERVICES BUSINESS CONTINUITY SECURITY AS A SERVICE Network Penetration Testing -Security Program Assessments -GDPR Active/Active Data Centers -Managed SIEM/SOC -IRaaS, Data Forensics -Intrusion Detection and Response Vulnerability Scanning and Assessments Gap Analysis and Risk Registry Operationalization Disaster Recovery and BCP Cloud Access Security Brokerage (CASB) Services Social Engineering PCI DSS and Payment Systems Risk Report Off-site Replication Identity and Access solutions -Incident Response Services -Security Training HIPAA/HITECH ISO 27001, FFIEC, FISMA NERC CIP, FedRAMP 3PAO SOC and SSAE 16, NIST Assessments -Backup & Archiving -Backup and DR as a Service -End point security solutions -Multi-Factor Authentication -BYOD & Mobile Device ; MDM/EMM Digital Forensics Cloud and Virtualization Security Strategies Recovery Optimization, including Cloud-based NG Firewalls and Proxies Application Security Policy and Procedure Development Runbook Automation -Email Security solutions -Vulnerability as a service

Questions?

Thank you! Rebecca Harvey & Brian Dudek Rharvey@data-strategy.com Bdudek@data-strategy.com