A Risk-based Security Program Approach: Security Enables Digital Transformation and Compliance
Michael Gutsche, Cybersecurity Strategy
Peter Bronson, Cybersecurity Strategy
#MicroFocusCyberSummit
FORWARD-LOOKING STATEMENTS
This document contains forward-looking statements regarding future operations, product development, product capabilities and availability dates. This information is subject to substantial uncertainties and is subject to change at any time without prior notification. Statements contained in this document concerning these matters only reflect Micro Focus ArcSight's predictions and/or expectations as of the date of this document, and actual results and future plans of Hewlett-Packard may differ significantly as a result of, among other things, changes in product strategy resulting from technological, internal corporate, market and other changes. This is not a commitment to deliver any material, code or functionality and should not be relied upon in making purchasing decisions. User interface depictions should be considered non-final and subject to re-design and/or removal. This is a rolling (up to three year) roadmap and is subject to change without notice.
www.microfocus.com
Agenda
- State of Cyber Security and Threats
- Compliance vs. Risk Based Programs
- Cyber Security Program Approaches
- Areas of Focus to "Move the Needle"
The Impact is Global
World Economic Forum, 2018 Global Risk Report: top 10 risks in terms of likelihood, #3 is cyber attacks.
- 2015: Attack on Ukraine's power grid shut down 30 substations, interrupting power to 230,000 people.
- 2016: SWIFT attack led to the theft of US$81 million from the central bank of Bangladesh.
- Today: The European Aviation Safety Agency has stated their systems are subject to an average of 1,000 attacks each month.
Global interconnectedness continues to expand the attack surface.
Cyber Damages Continue to Outpace Spend
- Cyber damages to hit $6 trillion annually by 2021, up from $3 trillion in 2015.
- Cyber security spending to exceed $1 trillion from 2017 to 2021.
- Cyber crime will more than triple the number of unfilled security jobs, predicted to reach 3.5 million by 2021.
- Human attack surface to reach 6 billion people by 2022.
- Ransomware damage costs are predicted to reach $11.5 billion by 2019.
Source: CSO Online, "Top 5 cybersecurity facts, figures and statistics for 2018"
The Reach of Cyber Attacks
- 143 million customers' data stolen due to a vulnerability found in open software. A majority of people over 18 in the U.S. now have their data exposed. Net income fell 27% in ONE quarter.
- 3 billion customers impacted. Every Yahoo customer's data was exposed, spanning 3 years. M&A impact of $350M.
- 57 million customers and drivers impacted. Every Uber customer's data was exposed for a year. $20B market cap loss; untold amount in litigation.
It’s no longer a question of if, but when your data breach will happen
It is a new level of complexity!
- Threats (internal and external)
- Information overload
- Regulatory/privacy concerns
- Infrastructure complexity
Risk vs. Compliance Based Information Security Programs
Compliance/Standards: A Subset!!
NIST 800-53/CSF, CSA 4.0, DISA, ITIL, CIS 20, BSIMM, PCI-DSS, ISACA, ILTA, ISF, OWASP, COBIT 5, ISO/IEC 27001/2
Know Your Enemy
Attacks come in all shapes and sizes.
- Organized crime has become very sophisticated and operates like corporations.
- Main goal is to maximize profits and minimize risks.
- They compete on quality, customer service, price, reputation, and innovation.
- They use an SDLC and are adopting SaaS.
[Chart: attack types plotted by payout potential (high to low) against effort and risk (difficult to easy). Attack types shown: organized crime, ad fraud, IP theft, extortion, bank fraud, payment system fraud, bug bounty, medical records fraud, credential harvesting, identity theft, credit card fraud, cyber warfare, hacktivism.]
Know Your Treasure and Where It Resides
- Health records your care provider manages for you
- Payments made to you
- Banks' data about your finances and accounts
- Your email correspondence
- Your interactions with SaaS applications
- Your telco's information about your account
- Your credit rating information
- Your private email to and from your smartphone
- Your customers' data
- Your organizational data
Additional Treasure Chests
- HR Systems: Workday, Peoplesoft
- CRM Systems: Microsoft Dynamics
- Financial Systems: Lawson
- Point of Sale Systems, Customer Portals, Credit Card Processing: TBD TBD TBD
"The health record is worth 10x that of a credit card number on the black market"
Establish a Risk-based Approach
Actionable Security Intelligence
- Assess security investments and posture: How will attacks likely occur? How will you spot them on each platform? What corrective action will you take?
- Transform from silos to a comprehensive view: on-prem traditional systems, SaaS, IaaS, and PaaS should all fall under the same security umbrella.
- Optimize to proactively improve security posture.
- Manage security effectively, including internal SLAs and SLAs related to cloud providers. Maintain SLAs in the context of your security program.
Moving from Reactive to Proactive Information Security & Risk Management
Cyber Kill Chain
Cycle of Security – Breaking the Cyber Kill Chain
Risk Based Security Programs
- Table stakes: good security hygiene, perimeter security, endpoint protection
- Identifying risks: unique to each organization
- Addressing the risks by implementation of programs, not products
- Risk based security programs enable cloud and hybrid adoption
- Goal: overall security posture improvement
"Compliance to industry regulations should be a 'free bonus' to a robust risk based security program."
"Compliance does not equate to security."
Comprehensive security for the enterprise: CYBERSECURITY, PRIVACY & RISK MANAGEMENT
IDENTITY & ACCESS
- Adaptive identity governance
- Adaptive access management
- Adaptive privileged users
APP SECURITY
- Static, dynamic, & runtime application testing
- Application security-as-a-service
ENDPOINT SECURITY
- Lifecycle management
- Patching & containerization
- Application virtualization
- Mobile & server management
DATA SECURITY
- Data de-identification (encryption/tokenization)
- Key management
- Hardware-based trust assurance
- Messaging security
SECURITY OPERATIONS
- Real-time detection
- Workflow automation
- Open source data ingestion
- Hunt and investigation
GOVERNANCE, RISK & COMPLIANCE
- eDiscovery & classification
- Information management
Thank You.
#MicroFocusCyberSummit