1 / 23

BT Managed Security Solutions

BT Managed Security Solutions. Service Overview for Financials: The Most Beautiful Target Measure, Monitor, Protect, Advise James McCarthy james.mccarthy@bt.com. La estructura organizativa de BT. +100.000 employees Revenues 09/10: +31.200 M$

ursala
Download Presentation

BT Managed Security Solutions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. BT Managed Security Solutions Service Overview for Financials: The Most Beautiful Target Measure, Monitor, Protect, Advise James McCarthy james.mccarthy@bt.com

  2. La estructura organizativa de BT +100.000 employees Revenues 09/10: +31.200 M$ Thebiggest R&D Center in ITC in Europe – Adastral Park Grupo BT • Gartner Leader Quadrant – WorldwideManaged and Professional Network ServiceProviders • 37.000professionalsprovidingconsultancyservices, managedservices and supportingourcustomers in +170 countries • Revenues 09/10: +12.700 M$ BT Global Services BT Latam Global Banking and FinancialMarkets • DedicatedSolutions and ManagedServicestotheFinance and Insurance Sector • One of themostprofitableregions and withthehighestgrowthpotential

  3. OurOperations in theRegion

  4. Some of our customers in the region pasión por nuestros clientes

  5. The Most Beautiful Target…Why? Lots of Captive Users A Trusted Partner / Brand For Those Users Hundreds of Thousands of Transactions – Typically in Small Monetary Increments

  6. The Most Beautiful Target…and How BT Protects You… …Panda Security’s anti-malware laboratory, has discovered that hackers are creating 57,000 new websites each week that exploit approximately 375 high-profile brand names worldwide… Findings By Customer: 1. eBay – 23.21 percent 2. Western Union – 21.15 percent 3. Visa – 9.51 percent 4. United Services Automobile Association – 6.85 percent 5.HSBC – 5.98 6. Amazon – 2.42 percent 7. Bank of America – 2.29 percent 8. PayPal – 1.77 percent 9. Internal Revenue Service – 1.69 percent 10. Bendigo Bank – 1.38 percent

  7. The Most Beautiful Target…Breach Numbers are Growing… From PrivacyRights.ORG Limited Search - Breaches currently displayed:Breach Types: HACKOrganization Types: BSFYears: 2010235,373 Records in our database from.10 Breaches made public fitting this criteria (All US Financials)

  8. Introducing BT’s Managed Security Solutions For Financials

  9. Enhance compliance and governance Secure applications and information Secure network and IT infrastructure Board confidence in Information Risk structures & processes Reduce downtime, costs Information assurance Business objectives Secure Communications Management Operational Risk Management Secure Networking Information Management Identity Management Business Continuity Propositions Consulting services Integration,implementation Managed services Design Common methodology BT’s proposition areas Enabling security and compliance efficiently and cost effectively across your enterprise

  10. BT has concentrated its resources into one dedicated global practice, one of the biggest security teams in the world 400+ full time client facing practitioners A further 800+ working on security including R&D and internal team Decades long heritage in designing, building, managing secure global networks Rigorous, mandatory internal security evaluation process Global accreditations & certifications Practitioners validated by Cisco, ITIL and Juniper Networks SAS70 and ISO 9001 certified MSS provider Accredited to CERT & FIRST, CLEF FIPS 140-2; one of only 8 globally Active participants in IETF, ISO17799 World leading R&D facility Adestral Park in Suffolk, England 100 registered patents 160 security papers published 30% of people with second degrees BT Knowledge, Experience, Thought Leadership

  11. BT’s Managed Security Solutions powered by Counterpane and the EHCOE • Authority on enterprise security • Pioneered outsourced security monitoring – Established in 1999 • Founder and CTO, best-selling author: Bruce Schneier • Leading visionaryin Gartner’s Magic Quadrant for MSS and EH • Global view:650 customer networks; Sentries installed in 38 countries; monitored data spanning 150 countries • Seven fully redundantsecurity operations centers • Eleven year proven track recordprotecting major, high-value networks Mission: Develop and implement fully-integrated managed security services that assure customers’ business continuity, improved compliance, and protection from financial loss.

  12. BT Security Services CustomersFortune 500 leaders in every major industry around the globe

  13. Business Problems Solved by Managed Security Services • Streamline policy enforcement • Detect early warning signs of inappropriate activity • Protect against rogue employees and contractors • Identify unauthorized activity • Real time detection of botnet- and malware-infected hosts • Regularly updated blacklists of known botnet controllers and malware distribution sites • Facilitate data collection for regular audits and compliance reporting • Centralized access to all security-relevant and activity logs • Easy access to archive and flexible data-mining options • Leverage existing investments in expensive devices • Ensure IDS/IPS/firewall devices have current signatures & patches • Configure them in accordance with industry best practice • Provide cost-effective access to senior security expertise • On demand access to world-class security analysis & personnel • Focus on strategic decision-making while tactical issues are handled

  14. We deliver crucial security information about complex threats with expert assistance on how to respond. We do so using three main elements: People Process Process Process Technology Technology Managed Security Solutions …of these, people are the most important!

  15. 30 Million Messages Received 186,000 Alerts Processed 1200 Tickets Analyzed 5 Customer Contacts 1 Phone Call 4 E-mails Workload Reduction Enables Customers to Focus on Core Business Objectives “Typical” Services Company Example (Monthly CIO Report) One of the things I’ve gotten the most mileage out of is the monthly CIO report… I use that [to show] my executives all the traffic that’s coming through… You start with millions of items and work your way down into about 50 to 60 of [incidents] a month. It’s a great way to explain the value we’re getting out of the managed security services.” Tom Dunbar, CSO, XL Capital

  16. View Across BT Counterpanes Financial Services Companies Across our Financial Services Clients their Security Posture Index is rated as “Above Average” which indicates a high level of sensitivity towards information that is provided to them by our BT SOCs.

  17. Web Application Testing – the Most Beautiful Target Client-side Application Testing Ethical Hacking Assessment 17 • Components can consist of: • Java applets that operate within Web browser • Standalone Java applets • Standalone executable applications • Testing determines: • How security is integrated into the client software components • How the client software interacts with the remote server application • If any unnecessary information is entrusted in the client software • If the client software can be manipulated to provide unauthorized access to server application • Testing includes: • Attempt to collect as much information as possible about the client application and server communication • Attempt to manipulate the client software without inside knowledge

  18. Code Review – The Most Beautiful Path Source Code Review Ethical Hacking Assessment 18 • Reviews application code for deficiencies in the areas of security, reliability and operations. • The review identifies strengths and weaknesses of the application software modules. • Detection of the following types of computer abuse are attempted: • Trojan Horses - Salami techniques - Trapdoors • Logic bombs • The EHCOE requires the following documentation in order to perform the source code review: • Source code comments and documentation • Method of invocation for each program • Options and configuration file documentation • Method of compilation for each program –

  19. IDSs Firewalls/VPNs Routers Authentication Access Control Databases Web Servers Network OS Desktops Others What Sets BT Managed Security Solutions Apart? • United States Patent:Patent No. US 7,159,237 B2, Method and System for Dynamic Network Intrusion Monitoring, Detection and Response (Jan. 2, 2007) • Network visibility:More than one million event rules for a broad range of network devices • Advanced correlation technology:Multi-device, vertical market, cross-customer base • 24/7 vigilance by certified security engineers:SANS Certification and DOJ Background investigations required for employment

  20. What Sets BT Managed Security Solutions Apart? • Consultative approach:Dedicated team assigned to the account, Monthly touch points, Quarterly reviews, pre-sales and post-sales support, ongoing available support • Compliance audit reporting:VISA CISP/PCI, SOX, FISMA, GLBA, CA 1386, • Service Level Agreements:Swift activation and improved compliance with 100% guaranteed access to activity data .

  21. Security Operations Centers Physically hardened facilities • Three-factor access control • Multiple forms of surveillance • Fully-redundant power and network 100% uptime since January 2000 • Full-redundancy in each center • Continuous tagging and time stamping • CPE has auto-rollover to SOCs Geographically diverse • Facilities in major technology centers • Robust facilities built on Critical Infrastructure backbones Audits and accreditations • Including: SAS70, ISO27001, BS7799 • Analysts are GIAC certified

  22. Benefits of a BT Managed Security Services for the Financial Industry • Trusted Partner of the Financial Services Space • Current Testing Partner for the Majority of Very Large Financials • Resilient architecture • Hardened, active/active SOCs – no downtime • Vendor neutrality • Provides flexibility and avoids unnecessary capital outlays • Defense in depth • Support for more types of systems, including applications, databases AS/400, RACf, etc. • Comprehensive and integrated solution • Reduces risk and cost • Simplifies management and monitoring of diverse technology • Advanced correlation technology (Multiple tools and flexible configuration) Consultative Approach • Longevity and commitment • More than 10 years of continuous growth

  23. BT Professional Services 23

More Related