
How to bring security transparency into your organization ISSA EDUCATIONAL SESSION

Nicklaus Schleicher, VP Support & Customer Service


Presentation Transcript


  1. How to bring security transparency into your organization
     ISSA EDUCATIONAL SESSION
     Nicklaus Schleicher, VP Support & Customer Service

  2. Consul
     • 17 years of security event management experience
     • Winner of ISSA Organization of the Year in 2003
     • Founded in 1986
     • Worldwide presence: US, Europe, Asia-Pacific, Latin America

  3. Security landscape is changing
     • Disappearing perimeter
     • More complex security devices
     • Heterogeneous networks
     • Information overload
     • Not enough resources
     • Increasing threats
     • Regulatory requirements
     • Cost pressure

  4. What are customers saying
     • Make their security operations more efficient
     • Gain a holistic understanding of their overall security
     • Comply with regulations
     • Make sense out of the chaos that is a large network
     • Respond more quickly and intelligently to problems
     • Monitor and enforce business-critical policies
     • Conduct more effective post-event forensics and analysis
     • Move from auditing to monitoring

  5. It’s all about Value
     Suppose you could protect your most valuable business assets at the lowest cost? Wouldn’t you want to know how?

  6. It’s all about Your Critical Data
     Most security devices monitor the network perimeter. Yet key assets are on the less-protected inside. Is your core network adequately protected?

  7. Lots of Products - Few Solutions
     Companies have invested heavily in firewalls, IDS, and AV systems, yet remain vulnerable to devastating attacks. What are you doing to continuously monitor security on your perimeter AND core networks?

  8. Regulations are a worry
     Proliferating industry and regulatory standards raise the bar on implementing and demonstrating effective security: HIPAA, GLB, BS 7799, Basel II. What is the value of effective compliance to regulations in your company?

  9. Security Infrastructure
     • Firewall / VPN
     • Authentication
     • Authorization
     • OS Security
     • Intrusion Detection Systems (IDS)
     • Application Security
     • PKI
     • Anti-Virus
     • Biometrics
     The security infrastructure is in place

  10. But security remains a tradeoff
     • Increased Security
     • More Openness

  11. Too many reports and alarms
     • From firewalls
     • From intrusion detection systems
     • From anti-virus systems
     • Many log files

  12. Too few reports where it matters
     Internal systems are not monitored enough:
     • Logging turned off or not understood
     • Reports have no real-world meaning
     • Comparison across systems impossible
     • Auditing versus company policy impossible
     Are you secure? “I don’t know”

  13. Insiders remain a threat
     • Inside is as hostile as outside, but in a different way
     • 64% of companies admit they suffer from security breaches
     • 76% of all security breaches are due to insider work
     • 70% of all corporate data still on mainframes

  14. Security management process

  15. Step one: define
     What’s the status?
     • Assess current enterprise security
     • Review policies
     • Benchmarking and gap analysis
     • Compliance to standards and regulations
     • Understand source of today’s vulnerabilities
     • Define metrics for success

  16. Step two: protect
     Implementation of solution:
     • Implement policies
     • Define security procedures
     • Create awareness and communication
     • Establish administration and support roles

  17. Step three: check
     How secure are we?
     • Measure compliance
     • Check for existing vulnerabilities
     • Modify policies and settings
     • Learn from intrusions and issues
     • Measure against metrics
     Security event management

  18. Comprehensive approach

  19. People
     • system administrators
     • managers
     • finance
     • human resource
     • secretary
     • on line customers / suppliers / partners
     • hackers
     • etc.

  20. Technology
     • operating system
     • intrusion detection system
     • firewalls
     • business applications
     • anti-virus software
     • etc.

  21. Security policy
     Who is allowed to do what kind of actions on what kind of documents in which period of time from which place and on which server?

  22. Consul/eAudit
     Simplifying a complex environment…

  23. Consul/eAudit
     • Real-time, intuitive view of network
     • Prioritized, actionable alerts, drill-down reports
     • Visualization, reporting and alerting
     • Monitors output from over 50 platforms
     • Evaluates security events, policy violations
     • Normalization and correlation
     • Best practices baselines, HIPAA, GLB
     • Extensive auditing, reporting and forensics
     • Policy

  24. Helping you lower the costs of security
