Building a Resilient Security Posture for Effective Breach Prevention

SESSION ID: GPS-F03B
Building a Resilient Security Posture for Effective Breach Prevention
Avinash Prasad, Head Managed Security Services, Tata Communications

Agenda for discussion
1. Security Posture
2. The effectiveness gap
3. CISO perspective
4. Maturing the security posture
5. A case study
6. In Summary

Congratulations SINGAPORE!!
Survey by the UN International Telecommunication Union (ITU) rated Singapore as Top in the world based on its
- Legal, technical and organisational institutions,
- educational and research capabilities and
- cooperation in information-sharing networks.
SECURITY POSTURE?

Security posture defined
The security status of an enterprise's networks, information and systems is based on resources (people, hardware, software, policies) and capabilities in place to manage the defense of the enterprise and to react as the situation changes.**
- WHY: To eliminate a false sense of security, strategic alignment with business
- WHAT: Approach a business takes to security, from planning and implementation to operations
- HOW: Technical and non-technical policies, procedures and controls to prevent and protect against threats
** NIST Glossary of Key Information Security Terms

Security posture: Strategy for C-suite alignment
- USABILITY
- RISK
- COST
- REGULATIONS & COMPLIANCE

False sense of security
- Use of a weak algorithm
- Auditing level lacks the necessary details
- Deployment without customization
- No consistent process
- Assume that the data is secure
- Exclusion of employee's workstations from scope

The Security Effectiveness gap
Ransomware Supply Chain Ecosystems State Sponsored Phishing Key Loggers Cyberespionage Denial-of-Service
Gap to be bridged
CAPABILITIES
- Skill issues
- Operational gaps
- Technology efficiency

Approach for Security posture: A CISO perspective
Vision and Plan | Execution | Operations
- Management support
- Digital Enablement
- Skill Alignment
- Cloud Adoption

Approach for Security posture: A CISO perspective
Vision and Plan | Execution | Operations
- Strategy Roadmap & Investments
- Compliance Regulations, Standards, Best Practices
- Service Management SLAs, OLAs
- Architecture Maturity & Integrations
- Identity & Access Trust, Authentication, Privileges
- Reporting Measurement, Trends, Self service
- Governance, Risk Visibility & Engagement
- Data & Apps Classification, Loss Prevention Assessment
- Cyber Detection, Prediction, Response

Maturing the security posture: Vision and Plan
AS-IS State | Proactive
- Know your security posture
- Risk in the business context
- Security plan across the connected eco-system

Maturing the security posture Execution AS-IS State Proactive

Maturing the security posture Operations AS-IS State Proactive

Customer case study: One of the most recognised and valued Consumer Products brands in APAC
Vision and Plan | Execution | Operations
- Strategy Roadmap & Investments planning 2015
- Compliance Best Practices end to end Vulnerability management 2015
- Service Management MSSP based SOC On Going
- Architecture Layered model 2015
- Identity & Access Trust, Authentication, Privileges
- Reporting MSS Portal On Going
- Governance, Risk Visibility & BoD engagement 2015
- Data & Apps Web application security and attack prevention Q3 2015
- Cyber SOC and Threat management Q4 2016
Approach to enhancing the security posture for this enterprise

Applying the Strategy
Get Going | Initial months | 6 months & beyond
- Build self awareness
- Build a cyber risk oriented process for investment strategy
- Engage specialists including cloud and managed service provider
- Identify the right governance team with C suite support
- Consider all assets
- Facilitate information sharing and collaboration

Thank You QUESTIONS & FEEDBACK