A Risk-based Security Program Approach: Security Enables Digital Transformation and Compliance - Michael Gutsche, Cybersecurity Strategy Peter ...
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
A Risk-based Security Program Approach: Security
Enables Digital Transformation and Compliance
Michael Gutsche, Cybersecurity Strategy
Peter Bronson, Cybersecurity Strategy
#MicroFocusCyberSummit
This document contains forward looking statements
regarding future operations, product development,
FORWARD-LOOKING STATEMENTS product capabilities and availability dates. This
information is subject to substantial uncertainties and is
www.microfocus.com subject to change at any time without prior notification.
Statements contained in this document concerning these
matters only reflect Micro Focus ArcSight’s predictions
and / or expectations as of the date of this document and
actual results and future plans of Hewlett-Packard may
differ significantly as a result of, among other things,
changes in product strategy resulting from technological,
internal corporate, market and other changes. This is not
a commitment to deliver any material, code or
functionality and should not be relied upon in making
purchasing decisions.
User Interface depictions should be considered non-final
and subject to re-design and / or removal.
This is a rolling (up to three year) Roadmap and is subject
to change without notice.
Agenda
State of Cyber Security and Threats
Compliance vs. Risk Based Programs
Cyber Security Program Approaches
Areas of Focus to “Move the Needle”
3
The State of Cyber Security and Threats
The Impact is Global
World Economic Forum – 2018 Global Risk Report
Top 10 risks in terms of likelihood
#3 – Cyber attacks
2015 2016 Today
Attack on Ukraine’s power SWIFT attack led to the European Aviation Safety
grid shut down 30 theft of US$81 million from Agency has stated their
substations, interrupting the central bank of systems are subject to an
power to 230,000 people Bangladesh average of 1,000 attacks
each month
Global interconnectedness continues to expand the attack surface
5Cyber Damages Continue to Outpace Spend
Cyber damages to Cyber security Cyber crime will Human attack Ransomware
hit $6 trillion spending to more than triple the surface to reach damage costs are
annually by 2021 exceed $1 trillion number of unfilled 6 billion people predicted to reach
from 2017 to 2021 security jobs by 2022 $11.5 billion
Up from $3 trillion by 2019
in 2015 Predicted to reach
3.5 million by 2021
CSO online: Top 5 cybersecurity facts, figures and statistics for 2018
6The Reach of Cyber Attacks
143 million customers data stolen 3 billion customers impacted 57 million customers and
due to a vulnerability found in drivers impacted
open software Every Yahoo customers’ data
was exposed spanning 3 years Every Uber customers’ data
A majority of people over 18 in went exposed for a year
the U.S. data is now exposed
Net income fell
M&A impact $20B market
27% cap loss; untold
in ONE quarter of $350M
amount in litigation
7It’s no longer a question of if, but when your data breach will happen
It is a new level of complexity!
Threats Information Regulatory/ Infrastructure
(internal and Overload Privacy complexity
external) concerns
9Risk vs. Compliance Based Information Security Programs
Compliance/Standards – A Subset!!
NIST 800-
CSA 4.0 DISA ITIL
53/CSF
CIS 20 BSIMM PCI-DSS
ISACA
ILTA ISF OWASP
COBIT 5
ISO/IEC
27001/2Know Your Enemy
Attacks come in all shapes and sizes
High
Organized crime has become very Organized crime Ad fraud
sophisticated and operate like
IP theft Extortion
corporations
Payout potential
Main goal is to maximize profits and Bank fraud Payment system fraud
minimize risks
Bug bounty
Medical records fraud
Compete on quality, customer services, Credential harvesting
Identity theft
price, reputation, and innovation Credit card fraud
Low
Cyber warfare Hacktivism
Use SDLC and are adopting SaaS Difficult Effort and risk Easy
12Know Your Treasure and Where It Resides
Health records your care
provider manages for you
Payments made to you
Banks’ data about your
finances and accounts Your email
Your interactions with correspondence
SaaS applications
Your Telco’s information
about your account
Your credit rating information
Your private email to and
from your smartphone
Your customers’ data.
Your organizational data.Additional Treasure Chests
HR Systems CRM Systems Financial Systems
Workday Microsoft Dynamics Lawson
Peoplesoft
Point of Sale Systems Customer Portals Credit Card Processing
TBD TBD TBD
“The health record is worth 10x that of a credit card number on the black market”
14Establish a Risk-based Approach
Assess security investments and posture
How will attacks likely occur? How will you spot them on
each platform? What corrective action will you take?
Transform from silos to a comprehensive view Actionable
Security
On-prem traditional systems, SaaS, IaaS, and PaaS all of Intelligence
which should fall under the same security umbrella
Optimize to proactively improve security posture
Manage security effectively
Including internal SLAs and SLAs related to cloud providers.
Maintain SLAs in the context of your security program
Moving from Reactive to Proactive Information Security & Risk ManagementCyber Kill Chain
Cycle of Security – Breaking the Cyber Kill Chain
Risk Based Security Programs
Table-stakes – Good security hygiene, perimeter security,
endpoint protection
Identifying risks – Unique to each organization
Addressing the risks by implementation of programs not products
Risk based security programs enable cloud and hybrid adoption
Goal: Overall security posture improvement
“Compliance to industry regulations should be “free bonus” to a
robust risk based security program.”
“Compliance does not equate to security”IDENTITY
& ACCESS
• Adaptive Identity governance
• Adaptive access management
• Adaptive privileged users
APP ENDPOINT
SECURITY SECURITY
• Static, Dynamic, & Runtime • Lifecycle management
application testing • Patching & containerization
• Application security-as-a- • Application virtualization
service • Mobile & server management
Comprehensive CYBERSECURITY,
PRIVACY &
RISK
security for the DATA
MANAGEMENT
SECURITY
SECURITY OPERATIONS
enterprise • Data de-identification
(encryption/tokenization)
• Key management
•
•
•
Real-time detection
Workflow automation
Open source data ingestion
• Hardware-based trust assurance • Hunt and investigation
• Messaging security GOVERNANCE,
RISK &
COMPLIANCE
• eDiscovery & Classification
• Information Management#MicroFocusCyberSummit Thank You.
#MicroFocusCyberSummit
You can also read
