TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. John McDonald

Similar documents
TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. Ralf Kaltenbach, Regional Director RSA Germany

EMC FORUM Vic Bhagat. Executive Vice President & Chief Information Officer EMC Corporation

RSA IT Security Risk Management

Copyright 2013 EMC Corporation. All rights reserved. BIG DATA AND SECURITY JOINING FORCES

Enterprise GRC Implementation

TOP REASONS TO CHOOSE DELL EMC OVER VEEAM

Copyright 2012 EMC Corporation. All rights reserved. Obrigado

Challenges 3. HAWK Introduction 4. Key Benefits 6. About Gavin Technologies 7. Our Security Practice 8. Security Services Approach 9

What matters in Cyber Security

Un SOC avanzato per una efficace risposta al cybercrime

Microsoft Operations Management Suite (OMS) Fernando Andreazi RED CLOUD

RSA NetWitness Suite Respond in Minutes, Not Months

Operationalizing the Three Principles of Advanced Threat Detection

FROM SIEM TO SOC: CROSSING THE CYBERSECURITY CHASM

Transforming IT: From Silos To Services

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

Aktueller Überblick über das RSA Portfolio

Redefine Data Protection: Next Generation Backup And Business Continuity

MITIGATE CYBER ATTACK RISK

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

Copyright 2015 EMC Corporation. All rights reserved. Published in the USA.

GDPR: An Opportunity to Transform Your Security Operations

EMC & VMWARE STRATEGIC FORUM NEW YORK MARCH Tom Heiser President, RSA. Tom Corn SVP & Chief Strategy Officer, RSA

IT Redefined. Hans Timmerman CTO EMC Nederland. Copyright 2015 EMC Corporation. All rights reserved.

WHITEPAPER. Enterprise Cyber Risk Management Protecting IT Assets that Matter

LEAD YOUR CLOUD TRANSFORMATION. Copyright 2013 EMC Corporation. All rights reserved.

RSA Advanced Cyber Defence Summit

Farid SAADI. Senior Systems Engineer, Backup Recovery Systems

MEETING ISO STANDARDS

Redefine Data Protection: Next Generation Backup & Business Continuity Solutions

RSA Advanced Security Operations Richard Nichols, Director EMEA. Copyright 2015 EMC Corporation. All rights reserved. 1

Cybersecurity Auditing in an Unsecure World

RSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief

TRANSFORM YOUR APPLICATIONS

TSC Business Continuity & Disaster Recovery Session

Availability for the Always-On Enterprise

locuz.com SOC Services

Cybersecurity Roadmap: Global Healthcare Security Architecture

Trust in the Cloud. Mike Foley RSA Virtualization Evangelist 2009/2010/ VMware Inc. All rights reserved

Security. Made Smarter.

Cyber Resilience. Think18. Felicity March IBM Corporation

Incident Response Agility: Leverage the Past and Present into the Future

Security Operations Centers in Action

A Risk Management Platform

Key Technologies for Security Operations. Copyright 2014 EMC Corporation. All rights reserved.

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

Data Protection Everywhere

Microsoft Security Management

15-Minute Guide to Effectively Virtualizing Mission-Critical Applications with VMware

RSA Security Analytics

Madis Pärn Sr. System Engineer EMC CORE TECHNOLOGIES DATA PROTECTION OVERVIEW. Copyright 2015 EMC Corporation. All rights reserved.

Transform Availability

THE RSA SUITE NETWITNESS REINVENT YOUR SIEM. Presented by: Walter Abeson

Reinvent Your 2013 Security Management Strategy

<Partner Name> <Partner Product> RSA Ready Implementation Guide for. Rapid 7 Nexpose Enterprise 6.1

INTELLIGENCE DRIVEN GRC FOR SECURITY

Certified Information Systems Auditor (CISA)

RSA Solution Brief. The RSA Solution for Cloud Security and Compliance

Delivering Complex Enterprise Applications via Hybrid Clouds

EMC FORUM Vic Bhagat. Executive Vice President & Chief Information Officer EMC Corporation

FOR FINANCIAL SERVICES ORGANIZATIONS

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

Threat Containment and Operations. Yong Kwang Kek, Director of Presales SE, APJ

CipherCloud CASB+ Connector for ServiceNow

CSP 2017 Network Virtualisation and Security Scott McKinnon

Copyright 2015 EMC Corporation. All rights reserved. Published in the USA.

Security. Risk Management. Compliance.

AVAILABILITY AND DISASTER RECOVERY. Ravi Baldev

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

Security Readiness Assessment

The Key to Disaster Recovery

SOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

Integrated, Intelligence driven Cyber Threat Hunting

Vscale: Real-World Deployments of Next-Gen Data Center Architecture

Prescriptive Security Operations Centers. Leveraging big data capabilities to build next generation SOC

SECURITY & PRIVACY DOCUMENTATION

Netwrix Auditor. Visibility platform for user behavior analysis and risk mitigation. Mason Takacs Systems Engineer

Copyright 2012 EMC Corporation. All rights reserved.

SOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM

CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n

EMC TRUSTED IT SOLUTIONS FOR HEALTHCARE PROVIDERS

Business Continuity & Disaster Recovery

Enterprise & Cloud Security

Data Protection in Practice

SIEM: Five Requirements that Solve the Bigger Business Issues

VPLEX & RECOVERPOINT CONTINUOUS DATA PROTECTION AND AVAILABILITY FOR YOUR MOST CRITICAL DATA IDAN KENTOR

INTRODUCTION. We would like to thank HelpSystems for supporting this unique research. We hope you will enjoy the report.

Securing Data in the Cloud: Point of View

Brussels. Cyber Resiliency Minimizing the impact of breaches on business continuity. Jean-Michel Lamby Associate Partner - IBM Security

1560: Storage Management & Business Continuity Strategy and Futures

What's New with Data Domain in 2014? Name

Data Protection Everywhere. For the modern data center

Disaster Recovery-to-the- Cloud Best Practices

Make IR Effective with Risk Evaluation and Reporting

A Methodology to Build Lasting, Intelligent Cybersecurity Programs

Anything-as-a-Service. Name

The Resilient Incident Response Platform

Automated Response in Cyber Security SOC with Actionable Threat Intelligence

Transcription:

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE John McDonald 1

What is Trust? Can I trust that my assets will be available when I need them? Availability Critical Assets Security Can I trust that my assets will only be accessed by appropriate agents for appropriate business purposes? Recoverability Can I trust that I can recover my assets in the event they become corrupted/deleted? 2

Agenda Continuous Availability of Applications, Systems and Data Data Protection with Integrated Backup and Recovery Threats Identified and Repelled with Advanced Security 3

Cost Of Downtime Outages Can Be Disasters In The Always On World ESTIMATES $750/Min $45K/Hr $1.8M/Day * Enterprise Management Associates - 2012 CAUSES Business Disruption Lost Revenue End User Productivity IT Staff Time Allocation Fines and Penalties Company Reputation 4

High Availability And Disaster Recovery Calculate Downtime Costs Within And Across Data Centers Failure Domains Application Disruption Planned Unplanned RTO: Minutes-to-Hours Replication Failover and Fail-back Instance A Active Instance B Passive Passive, Idle Resources 5

Evolution To Continuous Availability Eliminate Downtime Within And Across Data Centers Failure Domains Active / Active Distributed Virtual Volume Replication Instance A Active Instance B Passive Instance A Active Instance B Active 6

RPO Continuous Availability. Redefined Continuous Avail. Seconds GRC Zero RTO Eliminate Restarts Active- Active Traditional Failover Days Days Manual, Stand-by RTO Zero 9s of Availability Swap, Stand-by 7

Continuous Availability. Redefined Protect Against Technical And Operational Failures 8

Agenda Continuous Availability of Applications, Systems and Data Data Protection with Integrated Backup and Recovery Threats Identified and Repelled with Advanced Security 10

Present State Of The Backup World THE PROBLEM 53% Companies with data loss in 2012 (31% in 2011) 24% Do not tell CEOs they are not backing up all files HOW IT HURTS BUSINESS Protect More Data Across More Environments With Shrinking Budgets Source: Acronis Global Disaster Recovery Index: 2012 43% Loss of employee productivity productivity 33% Do not back up virtual servers as often as physical 29% Loss of revenue 29% 49% Back up virtual machines weekly or monthly Loss of customer confidence Source: Vanson Bourne 2012 Backup and Recovery Survey 11

A Growing Rift Between Business & IT Application Owners IT Team 12

Leading To An Accidental Architecture IT Team 13

ACCELERATE Backup And Recovery. Redefined Self Protection Storage Leveraged Infrastructure Native App Support Integrated Traditional Backup Helpdesk 0 Isolated LEVERAGE 100% Dedicated Equipment Application Silos 14

Data Protection Continuum Availability, Replication, Backup and Archive Applications Have Different Data Protection Requirements Avamar, Data Domain, NetWorker ProtectPoint, RecoverPoint, SourceOne, VPLEX Availability Replication Snapshot Backup Archive Complementary Protection Levels To Meet All Service Levels 15

Protection and Software-Defined Storage Microsoft System Center For Exchange Microsoft System Center For SQL Server Oracle RMAN SAP HANA Studio VMWare vcenter ViPR Controller Provisioning Protection Isilon VNX VMAX XIO SIO VPLEX 3 rd Party Native SAME AS PRIMARY Open (NDMP, RecoverPoint, VPLEX OTHER EMC PRIMARY Data Domain Public Cloud 16

Agenda Continuous Availability of Applications, Systems and Data Data Protection with Integrated Backup and Recovery Threats Identified and Repelled with Advanced Security 17

Platform 3 Redefines Security Cloud, Mobile & Social Combined With A New Set Of Threats Cloud & Mobile Perimeters Are Changing Social Networks More Identities To Verify New Threats Examine All Behavior Private Hybrid Public Sophisticated Fraud Advanced Threats 18

Platform 3 Redefines Security Focus on People, Data Flow And Transactions Isolated Events (Correlated) Raw Closely Related Events Archive Real-Time Single Well- Defined Events Platform 19

Advanced Threats Are Different 1 TARGETED SPECIFIC OBJECTIVE 2 INTERACTIVE HUMAN INVOLVEMENT 3 STEALTHY LOW AND SLOW System Intrusion Attack Begins Cover-Up Discovery Leap Frog Attacks Cover-Up Complete TIME Dwell Time Response Time Decrease 1 Dwell Time Attack Identified Speed 2 Response Time Response 20

PERIMETER Advanced Security. Redefined Individual Advanced Security Predictive analysis Activity. What if? Data Science Traditional Security Organization Monitor and Manage Past TIME Future Reports and Response What happened? 22

Advanced Security. Redefined Monitoring 15% Response 5% Monitoring 33% Response 33% Prevention 80% Prevention 33% Historic Security Spend Future Security Spend 23

RSA Security Analytics Distributed Data Collection Data Enrichment Alerts & Reporting Incident Response NETWORK SYSTEM PACKET METADATA LOG METADATA LIVE Investigation & Forensics Compliance Malware Analysis Intel Feeds Endpoint Visibility & Analysis LIVE Parsing & Tagging LIVE Business & IT Context LIVE - THREAT INTELLIGENCE Rules Parsers Alerts Feeds Apps Directories Reports & Custom Actions 24

CMDB Assets RSA Advanced SOC Incidents Breaches Projects Risks SIEM Discovery DLP ARCHER GRC SECURITY OPERATIONS Vulns SECURITY ANALYTICS ECAT Live Malware Analysis Client Identity Server LIVE - THREAT INTELLIGENCE Rules Parsers Alerts Feeds Apps Directories Reports & Custom Actions 25

Adaptive & Risk-Based Authentication User Action Analysis Engine Private Cloud AUTHENTICATION MANAGER + SECURID Read Email Username & Password Download Sales Pipeline Additional Authentication Two-Factor Device Profile User Behavior Profile Fraud Network Public Cloud Access Bank Account Username & Password Out Of Band IDENTITY PROTECTION & VERIFICATION + WTD Transfer Funds Challenge Q Additional Authentication 26

RSA s IM&G Platform Architecture Business Agility App Access Portal Operational Efficiency Access Lifecycle Policy Lifecycle Resource Lifecycle Reduced Risk Provisioning Remediation Monitoring Compliance Assurance Audit and Review Exception Handling Risk Analytics Business- Friendly UI Authentication / SSO Process Orchestration Integrated Workflow Identity, Resource, Policy Business Logic for Policy-based Governance Security Integration Fabric Collection Provisioning Events Data Query Integration Logic Directory Systems HR Systems On-premise Applications Data Shared Files Cloud Applications SIEM DLP GRC 27

Managing & Tracking Trust Risk Trust Requirements Data Sources RSA Archer Security Risk Asset Management CMDB Process Availability Risk Events HR Data Status Integrity Risk 28

Archer Modules The Foundation for a Best-in-Class Governance, Risk and Compliance Program Audit Management Centrally manage the planning, prioritization, staffing, procedures and reporting of audits to increase collaboration and efficiency. Business Continuity Management Automate your approach to business continuity and disaster recovery planning, and enable rapid, effective crisis management in one solution. Threat Management Track threats through a centralized early warning system to help prevent attacks before they affect your enterprise. Policy Management Centrally manage policies, map them to objectives and guidelines, and promote awareness to support a culture of corporate governance. Risk Management Identify risks to your business, evaluate them through online assessments and metrics, and respond with remediation or acceptance. Compliance Management Document your control framework, assess design and operational effectiveness, and respond to policy and regulatory compliance issues. Vendor Management Centralize vendor data, manage relationships, assess vendor risk, and ensure compliance with your policies and controls. Incident Management Report incidents and ethics violations, manage their escalation, track investigations and analyze resolutions. Enterprise Management Manage relationships and dependencies within your enterprise hierarchy and infrastructure to support GRC initiatives. 29

Agenda Continuous Availability of Applications, Systems and Data Data Protection with Integrated Backup and Recovery Threats Identified and Repelled with Advanced Security 31

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback