Information Security Cost Effective Managed Services

Post on 20-Jan-2015


Leveraging Managed Services for Cost-effective Infosec Operations

+973-36040991 jorge.sebastiao@its.ws

ICT Security 2009 - Risks

• 79% - don’t believe Security Software of Digital Signature provides Sufficient Protection

• 50% - Organization not protected against Malware based on attack trends

• 62% - not enough time resources to address vulnerabilities

• 66% - out of work during recession will lead to more people joining cyber-criminal underground

ICT Security 2009 – Arms Race

• 41% - increase in sophistication of attacks

• 45% - increase in phishing attacks on employees

• 49% - (financial services) increase in technical sophistication of attacks

• 63% - infected web site biggest cause of compromise of online security

“Every morning in Africa a gazelle wakes up. It knows it must outrun the fastest lion or it will be killed. Every morning in Africa a lion wakes up. It knows it must run faster than the slowest gazelle or it will starve. It doesn’t matter if you’re a gazelle or a lion: when the sun comes up, you had better be running.”

- H.H. Sheikh Mohammed Bin Rashid Al Maktoum.

Quote

Securing Information Today: Threats

Environmental

Natural Disasters

Unintended results (The “OOPS” factor)

Cyber terrorism

Viruses

Industrial Espionage

Securing Information Today: Business Risks

Employee & customer privacy

Legislative violations

Financial loss

Intellectual capital

Litigation

Public Image/Trust

Do you have risk mgmt plan?

ICT Risks are changing

Hacking is now a business

Criminals

Hackers don’t follow rules?

More sophisticated Attacks

Business vs Infosec Priorities

Security focus on Business

Views of Security and Risk Management

Business View

Service and Continuity

Customer Focus

Managing Risks

Operation Risk Controls Auditing

Governance & Compliance

IT Infrastructure

Disaster Recovery

High Availability

Risk Management

Elimination

Reduction/Controls

Transfer/Outsource

Insurance

Residual

Not all risk can be eliminated via controls

Better Incidence Response & Availability

• Best Practices

• Quick troubleshooting

• Knowledge base

• Higher Availability

Efficient Security Operations

Support

• Availability of qualified resources

• Infrastructure protection

• Infosec, BCM, ITIL Best Practices

• 24x7x365 Monitoring

• Vendor Management

• Managed People, Process, Technology

Why should you care?

Scope of Management & Value

Technology

Process People

Technology is not enough

Process

Technology

People

SLA 24x7x365, Industry Best Practices, ITIL based processes

Data Center Best Practices, Latest Monitoring tools, State of the Art knowledge base, Secure technology

Certified and Trained Staff, Technical Experts, Cross Training, Onsite and Offsite

Holistic Implementation

Infosec: Global Delivery Services - GDS

• On-site & Off-site resource Mix

• Fully managed and supported environment

• Enterprise Management Solution (EMS)

• Predictable cost model

• Performance & Trend analysis

• Alert, Monitoring, Notification & Escalation

• Training and Knowledge Transfer

• 24x7x365 with SLA

Managed Services Provide Agility

• Knowledge Base

• Incidence diagnosis

• Root Cause analysis

• Quicker Response

• Response Planning

• Certified Resources

• Single Vendor Management

Infrastructure Best Practices

3 key Drivers for outsourcing

100% Onsite

100% Offsite

0% Onsite

0% Offsite

Traditional ITO/FM

Managed Services

Centralized Management

Decentralized Management

Flexible Managed Services Approach

Flexibility

Network Platforms Database Storage

Applications

Business Relationship and Supplier Management

Capacity planning and Financial Management

Service Level Management

Service Continuity, Security

Capacity and Availability Management

Change, Configuration and Release Management

Monitoring, Incident and Problem Management

Level-1: Resolution Processes, 80-100% Offsite

Level-2: Operational Processes, 20-80% Offsite

Level-3: Strategic Processes, 100% Onsite

Cost Effective Management Mix

Policies

Processes, Process Diagrams & Models

Procedures and Guidelines

Templates, Forms, Checklists

Self Help, Knowledge Articles, Project Artifacts

How to achieve organization goals and objectives

Organization Goals and Objectives

How to perform the activities that are needed

Artifacts used to perform activities

References to use for efficient performance

Best Practices Structure

Managed Services Framework

Desktop Network Servers Databases Storage Applications

Monitoring, Automation Tools

ITIL Compliant Best Practices

Aggregated Reporting / Portal / I2MP, Service Desk

Redundancy / High Availability / Disaster Recovery

Onsite, Offsite, Vendor A, Vendor B, Call Center, Center of Excellence

Implementation: Continuous Detection Response

• 24x7x365

• Security monitoring

• Managed Services

• Automatic Alerting

• Incidence Response

• Vulnerability Assessment

• Patch Management

• Forensic Analysis

• Integration

Incident Response

Analyse

Contain

Eliminate

Restore

Lessons

Policy Refine Policy

Continuous Monitoring

T-1 T 0 T 1 T 1 T 3 T 4 T N

Communicate

CIO Security Metrics

Security = Time Protection

Detection

Response

SECURITY: P > D + R

Anti-virus

VPN

Firewall

Access Control

Intrusion Prevention

Managed Services

Patch Mgmt

CIRT

Vulnerability Testing

Intrusion Detection

Log Correlation

CCTV

Security in Depth

Security in Depth Revised

People Technology Process

Prevent

Respond/Recover

Detect

Structured Delivery Managed Services

SETA = Security + Training + Awareness + Education

Knowledge fills gaps

Transformation

Optimization

Due Diligence

Steady State

Transition

Plan

Structured Implementation

Risk Analysis Matrix

Probability of Likelihood

Severity of Consequence

High

Medium

Low

Low Medium High

Area of Major Concern

Focus on Risk

Focus on Risk

Vulnerability (rows) vs Business Impact (columns)

Vulnerability    High    Medium    Low
High             A       B         C
Medium           B       B         C
Low              C       C         D

ICT Security

Skilled Resources

Logical Physical Integration

Best Practices

Continuous Model

Security with 20/20 Vision

Questions
