How To Build or Buy An Integrated Security Stack


SESSION ID: PDIL-W03
How To Build or Buy An Integrated Security Stack
Jay Leek, CISO, Blackstone
Haddon Bennett, CISO, Change Healthcare

Defining the problem
1. Technology decisions not reducing threat
2. Executives not understanding the threat
3. Inability to quantify investments to reduce threat

Where to begin
- What are you trying to protect?
- Strategic direction should be defined by the answer

Threats and Attack Surfaces
- Define the threats to your organization: website hack, malware, insider, 3rd party
- What is the attack surface? Employees with email and web surfing access; online storefront; point of sale retail; single database or secret source code

Create a maturity model based on your needs
- Identify security controls that mitigate the threats that you have identified
- Measure yourself and create a score that clearly shows your maturity level
- Prioritize the key threats your organization must mitigate
- Socialize this with executive leadership for transparency and support of your investments

Example 1
(Chart: maturity score on a 1 to 10 scale per control area, series ACME 2015 EOY / Average Financial Svs / Top 25%; the per-row scores are not recoverable from the transcription. Rows, with the investment date shown against each control:)
Malware
- Mail, Web, Endpoint Antivirus (2014)
- Network Advanced Malware (2014)
- Threat Analytics and Full Packet Capture etc. (2014)
Data Loss
- Endpoint, Mail, Web Data Loss Prevention (Q2 15)
- Mobile Device Encryption (2015)
- Digital Rights Management (Q2 15)
External Parties
- 3rd Party Risk Assessments (2015)
- Vendor Management (Q2 15)
- Contract Security (2015)
Benefits
- Based off of known threats from past breaches
- Clearly shows the top 3 areas that you determine are the most critical
- Visual representation of how and where you need to invest
- Proof of existing maturity and investment payoff over time

Example 2
Information Risk & Security Program
(Chart: maturity score on a 0.00 to 10.00 scale for each program domain, plotted for 2011, 2012, 2013, 2014, 2015 and Plan. Domains: Visibility; Intelligence; Response; Security Operations Management; Application Development & Maintenance; Prevention; Access Control; Asset Management.)
Benefits
- Follows ISO framework and NIST Cyber Security Controls
- Shows progress over time to support new investments
- Articulates a security strategy that can be measured and monitored by executives
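The two example slides describe a maturity model the same way: threats map to control areas, each control is scored on a 1 to 10 scale, the organization's score is compared with a peer benchmark, and the gaps drive investment priority. The following is an added example of that scoring logic in Python; it is not code from the session or from Blackstone, and the threat areas, weights, maturity levels, targets and peer benchmark values are constructed sample data chosen to mirror Example 1, not ACME's real scores.

```python
"""Maturity-model scorer in the spirit of the slides' Example 1.

Added example, not from the session deck. All numbers below are constructed
sample data: the threat weights, maturity levels, targets and peer benchmark
are illustrative placeholders, not any organization's real assessment.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass
class Control:
    name: str
    maturity: int   # assessed maturity, 0 (absent) .. 10 (optimized)
    target: int     # level the organization has committed to reach


@dataclass
class ThreatArea:
    name: str
    weight: int     # relative priority of the threat; higher = more critical
    controls: List[Control]


def area_score(area: ThreatArea) -> float:
    """Average maturity of the controls that mitigate this threat (0..10)."""
    if not area.controls:
        return 0.0
    return sum(c.maturity for c in area.controls) / len(area.controls)


def overall_score(areas: List[ThreatArea]) -> float:
    """Program score: each threat area counts in proportion to its weight."""
    total_weight = sum(a.weight for a in areas)
    return sum(area_score(a) * a.weight for a in areas) / total_weight


def prioritized_gaps(areas: List[ThreatArea]) -> List[Tuple[int, str, str, int, int]]:
    """Controls below their target, largest weighted shortfall first.

    Each entry is (weighted shortfall, threat area, control, maturity, target).
    Ties are broken by area name then control name so the order is stable.
    """
    gaps = []
    for area in areas:
        for c in area.controls:
            shortfall = c.target - c.maturity
            if shortfall > 0:
                gaps.append((shortfall * area.weight, area.name, c.name, c.maturity, c.target))
    gaps.sort(key=lambda g: (-g[0], g[1], g[2]))
    return gaps


def compare_to_benchmark(areas: List[ThreatArea], benchmark: Dict[str, float]) -> Dict[str, float]:
    """Per-area delta (our score minus peer score), rounded to two decimals."""
    return {a.name: round(area_score(a) - benchmark.get(a.name, 0.0), 2) for a in areas}


# Constructed sample model mirroring the control areas of Example 1.
SAMPLE_MODEL = [
    ThreatArea("Malware", 3, [
        Control("Mail, Web, Endpoint Antivirus", 8, 8),
        Control("Network Advanced Malware", 6, 8),
        Control("Threat Analytics and Full Packet Capture", 4, 7),
    ]),
    ThreatArea("Data Loss", 2, [
        Control("Endpoint, Mail, Web Data Loss Prevention", 3, 6),
        Control("Mobile Device Encryption", 7, 8),
        Control("Digital Rights Management", 1, 4),
    ]),
    ThreatArea("External Parties", 1, [
        Control("3rd Party Risk Assessments", 5, 7),
        Control("Vendor Management", 4, 6),
        Control("Contract Security", 6, 6),
    ]),
]

# Constructed peer benchmark (a stand-in for the "Average Financial Svs" series).
PEER_BENCHMARK = {"Malware": 5.5, "Data Loss": 4.0, "External Parties": 4.5}


if __name__ == "__main__":
    print(f"Overall program score: {overall_score(SAMPLE_MODEL):.2f} / 10")
    for area in SAMPLE_MODEL:
        print(f"  {area.name:<17} {area_score(area):.2f}")
    print("Delta vs peers:", compare_to_benchmark(SAMPLE_MODEL, PEER_BENCHMARK))
    print("Investment priority (weighted shortfall first):")
    for weighted, area, control, have, want in prioritized_gaps(SAMPLE_MODEL):
        print(f"  {weighted:>2}  {area:<17} {control} ({have} -> {want})")
```

The weighting is what turns a flat control inventory into the "top 3 areas" view the slide calls out: a three-level shortfall in a high-weight threat area outranks the same shortfall in a low-weight one, so the priority list changes when leadership re-ranks the threats rather than when someone argues about an individual score.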

Determining Success
- Create a ruler and measure
- Don't get caught arguing about the measuring stick; focus on left to right movement
- Don't be afraid to make commitments on the measure
- Understand what success looks like:
  - CEO micromanaging your objectives
  - CFO asking how this investment moves me forward
  - Others being asked to create something like your model
  - M&A leader asking how NewCo measures up and what you need to bring it up to the standard

Selecting the optimal portfolio stack for your company

Define your architecture
- All tools you invest in must be able to work together, not just with other vendor-supplied solutions
- The days of isolated tools and isolated functions have passed us
- Tools must be able to consume intelligence to provide context

Culture considerations
- You must manage expectations of your end users
- Don't underestimate the amount of education it will take for certain security technologies
- Culture awareness needs to be considered
- Government-level security is not always necessary

Testing and deployment

Truly adding value

Ensure company viability

Implementation and architecture

Understand your risk profile
- Not every company is highly regulated or driven by strict customer demands
- Your profile may not lend itself to full data loss prevention blocking on all channels and disallowing any remote access
- Don't over-prescribe, as credibility is key to success

Team
- What are your current talent capabilities?
- Certain tool sets lend themselves to trusting the protection provided vs. having the skill set to validate and constantly tweak
- If you build vs. buy, consider cross-training capabilities and retention of the talent to maintain it

Understanding the trade-offs

Ease of execution

Communication across teams
- Most security technologies have a tremendous dependency on other, non-security technologies
- Agent deployments, in-line network gear, email flow integration
- Must consider other teams during the selection process and get their buy-in

Vendor management

Case Study: Blackstone Security Stack

Mission Statement
In response to the ever-evolving threat landscape, we recommend upending the traditional security paradigm (prevent, detect and react) and embracing an approach that balances prevention with Enhanced Visibility, Situational Awareness & Response, combined with a business-oriented approach to Information Risk & Security.

Key Value Drivers
The Blackstone Security Stack is a methodology that security leaders can use as a reference guide and/or blueprint to aid them in making decisions about their information risk & security program. The Blackstone Security Stack provides:
- Security Guidance / Blueprint for guidance and a technical security architecture that leans on ISO 27001 and the NIST Cyber Security Framework
- Support in justifying the purchase of security solutions, services, and SW/HW
- A framework for budgeting, resourcing and other needs, which enables benchmarking across companies
- Flexibility enabling each security leader to adapt the security stack to properly protect their organization, aligned with its unique risks, budget, and needs

Addressing the challenging questions
The Blackstone Security Stack should help answer common questions:
- What are my key threats?
- Have I been compromised?
- Am I making the right security investments at the right time?
- What data do I need to inform and influence positive security outcomes?
- What is the balance between Being Compliant and Being Secure?
- Ultimately, do our controls align with our real threats and risks?
(Diagram: Threat Landscape -> Aligned Controls -> Blackstone Security Stack processes)

Information Risk & Security Maturity Model

100 Day Plan Recommendation
Ensure the following is in place or established:
- Senior management support
  - Budget, resourcing, and collaboration with the technology team
  - Educate as required
- CISO or security leader
- Assessment of the Information Risk & Security Program
  - Identify 5 major gaps or quick wins and close them
  - Advanced threat detection capabilities on the network or the endpoint
  - 2-factor authentication for remote access
- Sufficient technical capabilities and visibility into the environment to determine if the organization may be compromised
  - If not, perform a technical assessment (e.g. Compromise Assessment) by a 3rd party
  - If so, perform a control / threat assessment by a 3rd party
- Post 100 day: Security Strategy / Roadmap for 12, 18 and 24 months

Wrap-up

Key takeaways
- Define what you are trying to protect & measure
- Get appropriate buy-in from executives
- Find the right tools and services that fit your culture
- Understand your risks and implement
- Report on reduction in risk