Business Context: Key for Successful Risk Management

Similar documents
Aligning IT, Security and Risk Management Programs. Ahmed Qurram Baig, CISSP, CBCP, CRISC, CISM Information Security & GRC Expert

RSA IT Security Risk Management

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

Reinvent Your 2013 Security Management Strategy

Risk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23

locuz.com SOC Services

INTELLIGENCE DRIVEN GRC FOR SECURITY

Next Generation Policy & Compliance

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

Cybersecurity Auditing in an Unsecure World

NOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect

Un SOC avanzato per una efficace risposta al cybercrime

RSA Advanced Security Operations Richard Nichols, Director EMEA. Copyright 2015 EMC Corporation. All rights reserved. 1

WHITEPAPER. Enterprise Cyber Risk Management Protecting IT Assets that Matter

A Risk Management Platform

GDPR: An Opportunity to Transform Your Security Operations

BUILDING CYBERSECURITY CAPABILITY, MATURITY, RESILIENCE

How to Prepare a Response to Cyber Attack for a Multinational Company.

Carbon Black PCI Compliance Mapping Checklist

Demystifying Governance, Risk, and Compliance (GRC) with 4 Simple Use Cases. Gen Fields Senior Solution Consultant, Federal Government ServiceNow

TRIPWIRE VIA PLATFORM PROTECTING YOUR DATA WITH INTEGRATED SECURITY CONTROLS

Security Operations & Analytics Services

IBM services and technology solutions for supporting GDPR program

Machine Learning and Advanced Analytics to Address Today s Security Challenges

The Convergence of Security and Compliance

Key Technologies for Security Operations. Copyright 2014 EMC Corporation. All rights reserved.

The Convergence of Security and Compliance. How Next Generation Endpoint Security Manages 5 Core Compliance Controls

FFIEC Cyber Security Assessment Tool. Overview and Key Considerations

RSA Solution Brief. The RSA Solution for Cloud Security and Compliance

Challenges 3. HAWK Introduction 4. Key Benefits 6. About Gavin Technologies 7. Our Security Practice 8. Security Services Approach 9

Automating the Top 20 CIS Critical Security Controls

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

DFARS Compliance. SLAIT Consulting SECURITY SERVICES. Mike D Arezzo Director of Security Services. SLAITCONSULTING.com

align security instill confidence

Digital Forensics Readiness PREPARE BEFORE AN INCIDENT HAPPENS

Certified Information Security Manager (CISM) Course Overview

Converged security. Gerben Verstraete, CTO, HP Software Services Colin Henderson, Managing Principal, Enterprise Security Products

Security and Compliance Powered by the Cloud. Ben Friedman / Strategic Accounts Director /

SIEM: Five Requirements that Solve the Bigger Business Issues

A New Cyber Defense Management Regulation. Ophir Zilbiger, CRISC, CISSP SECOZ CEO

WHITE PAPER. Operationalizing Threat Intelligence Data: The Problems of Relevance and Scale

Compliance Audit Readiness. Bob Kral Tenable Network Security

RSA NetWitness Suite Respond in Minutes, Not Months

Transforming Security from Defense in Depth to Comprehensive Security Assurance

*** THIS DOCUMENT IS CLASSIFIED FOR PUBLIC ACCESS ***

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

IBM Security technology and services for GDPR programs GIULIA CALIARI SECURITY ARCHITECT

Rethinking Information Security Risk Management CRM002

Incident Response. Is Your CSIRT Program Ready for the 21 st Century?

UNIFICATION OF TECHNOLOGIES

2017 PORT SECURITY SEMINAR & EXPO. ISACA/CISM Information Security Management Training for Security Directors/Managers

<Partner Name> <Partner Product> RSA Ready Implementation Guide for. Rapid 7 Nexpose Enterprise 6.1

IBM Proventia Management SiteProtector Sample Reports

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

Aktueller Überblick über das RSA Portfolio

The Evolution of Data Center Security, Risk and Compliance

eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments

Top 10 use cases of HP ArcSight Logger

CISM Certified Information Security Manager

National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference

FOR FINANCIAL SERVICES ORGANIZATIONS

A Practical Guide to Efficient Security Response

Enabling Security Controls, Supporting Business Results

"Charting the Course... Certified Information Systems Auditor (CISA) Course Summary

Establishing a Common Controls Framework

Les joies et les peines de la transformation numérique

Securing the cloud ISACA Korea. Han Ther, Lee CISA, CISM, CISSP, CRISC, ITILF, MCSA

CloudSOC and Security.cloud for Microsoft Office 365

Run the business. Not the risks.

Integrated, Intelligence driven Cyber Threat Hunting

Defensible Security DefSec 101

SecureVue. SecureVue

SAP Cybersecurity Solution Brief. Objectives Solution Benefits Quick Facts

Building a Resilient Security Posture for Effective Breach Prevention

SOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2

Think Like an Attacker

CipherCloud CASB+ Connector for ServiceNow

Best Practices & Lesson Learned from 100+ ITGRC Implementations

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

Vulnerability Assessments and Penetration Testing

Click to edit Master title style. DIY vs. Managed SIEM

Threat Centric Vulnerability Management

Security. Made Smarter.

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

Total Security Management PCI DSS Compliance Guide

Intelligent Security Management. Helping Enterprise Security Teams Improve Resource Efficiency & Reduce Overall Risk Exposure

Technology Risk Management in Banking Industry. Rocky Cheng General Manager, Information Technology, Bank of China (Hong Kong) Limited

Modern Database Architectures Demand Modern Data Security Measures

Enterprise GRC Implementation

How AlienVault ICS SIEM Supports Compliance with CFATS

Managing Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow

BPS Suite and the OCEG Capability Model. Mapping the OCEG Capability Model to the BPS Suite s product capability.

GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ

Imperva CounterBreach

IT Security Mandatory Solutions. Andris Soroka 2nd of July, RIGA

Think Like an Attacker

Data Management and Security in the GDPR Era

ABB Ability Cyber Security Services Protection against cyber threats takes ability

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Achieving PCI Compliance: Long and Short Term Strategies

Transcription:

Business Context: Key for Successful Risk Management Philip Aldrich, CISSP, CISM, CISA, CRISC, CIPP Program Director, Risk Management EMC Event Alert Finding Incident Law Vulnerability Regulation Audit

Obvious Fact: Traditional Security & Risk Management is Not Working 99% of breaches led to compromise within days or less & 85% took weeks or more to discover 96% of attacks were not highly difficult 63% of recommended preventative measures are simple & cheap 97% of breaches were avoidable through simple or intermediate controls 96% of victims subject to PCI DSS had not achieved compliance Source: Verizon 2012 Data Breach Investigations Report

Overload of Threat Information Internal Threat Sources External Threat Sources DLP SIEM Geo-Political Alerts Risk Intelligence Agents Anti Virus Patch Management Vulnerability Assessments Security, Risk & Compliance Operations Trusted CERTs Technology Vendors Underground Organisations Where are the most critical exposures?

7 Years ago & Today Risk, Security & Compliance Teams Audit Findings Vulnerabilities Threat Intelligence rivacy Logs Incidents Regulatory Changes Compliance Requirements Alerts REGULATORS

Striving for a Better Approach RISK COLLABORATION VISIBILITY the old mindset Are we exposed? the new mindset Where are we most exposed? Step 1: Threat & Security Defense Step 2: Compliance and Defense-in-Depth Step 3: Risk-Based Actions Step 4: Business-Oriented 5

The Case for Risk-Based Business Context We must distill down vast amounts of data into security intelligence prioritized, actionable insight. To prioritize actions, there must be linkages to the business value of the assets and an improved understanding of the risk they represent. - Gartner Source: Information Security Is Becoming a Big Data Analytics Problem Published: 23 March 2012 Gartner research by Neil MacDonald 6

Context-Aware Intelligence Model, Simulate, Act Community Context Patterns, meaningful anomalies Knowledge Analyze Information Dependencies, relationships Collect, Correlate Big Data Data Data Data Data Logs, Events, Costs, Usage, Attacks, Breaches Source: Information Security Is Becoming a Big Data Analytics Problem Published: 23 March 2012 Gartner research by Neil MacDonald 7

Understand Your Enterprise Business Strategy Risks Application s Business & Technic al Owners Processe s Devices Alert/Event/ Potential exposures Information Business Units Facilities Visibility Collaboration Accountability Criticality 8

Capturing Relationships How? CMDBs BPM GRC platforms Business Service Distribute Applications Inventory Control System Devices PMG LA022 PMG LA033 Products Warehouse Control System PMG LA036

Putting Context together = Better Picture Application name Business Owner Technical Owner Administrators Criticality Rating RTO/RPO Data Sensitivity Compliance Scope (ie. PCI, SOX) Supported Business Process / Function Associated devices (servers, dbs, etc.) Technology Location Controls Business Risks 10

Context is an essential ingredient Threat Criticality Business Context Prioritized Risk Treatment Response 11

Building the Risk Communication Bridge 12

Use Context for a Top Down Risk Management Approach KRI s & KPI s to measure impact against: Business Strategy, Risk Register, Critical Assets, and Compliance requirements 13

Dashboards focused on Critical Business Impact Incidents involving Tier 1, Critical Assets, must be mapped to Tier 1 SLA responses 14

Organizational control environment Policy People Process Tier 1 Tier 2 Tier 3 15

Business Context is a critical function in COBIT 5 Source: COBIT 5, figure 16 ISACA 16

Ongoing Business Impact Analysis 6 Execute Risk Treatment 1 Identification of Assets 5 Determine SLA response & Control Mapping 2 Define & Map Relationships 4 Business Validation 3 Understand & Add Business Context 17

Bringing it together: Executing the plan 1. Know your Assets o Identify & consolidate your CMDBs, repositories, etc. into 1 risk view 2. Identify Business Relationships o Capture interdependencies b/w assets, processes, data 3. Verify Business Criticality with Business Owners o Send periodic surveys to align business with IT 4. Tier Assets based on Criticality 5. Organize your control environment to business criticality 6. Monitor, Test & Validate Create Dashboards focused on Critical Assets FOCUS! 18

THANK YOU! 19

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback