Post on 16-Apr-2017
transcript
World®’16
SecurelyEnablingtheDigitalAge
AndrewMcCullough- SecurityConsultant- HewlettPackardEnterprise
SCT74S
SECURITY
2 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
©2016CA.Allrightsreserved.Alltrademarksreferencedhereinbelongtotheirrespectivecompanies.
Thecontentprovidedinthis CAWorld2016presentationisintendedforinformationalpurposesonlyanddoesnotformanytypeofwarranty. The informationprovidedbyaCApartnerand/orCAcustomerhasnotbeenreviewedforaccuracybyCA.
ForInformationalPurposesOnlyTermsofthisPresentation
3 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Abstract
Thedigitalrealityisalreadyuponus,andmakingasuccessfulmovetodigitalrequiresacoordinatedeffortandacomprehensiveviewofsupportingtechnologies.Tobecomeadigitalenabler,ratherthanfocussecuritysimplyonprovidingdigitalresilience,yoursecuritymustenablethebusinesstosecurelytransformapplicationsintothedigitalageandfosterclients’trust.Howcansecuritybecometheacceleratorfordigitaltransformation,whileprovidingtheresiliencerequiredforthedigitalage?Inthissession,you’lllearnhowsecuritywillenablethebusinessandplayakeyroleintransformingapplications—safelyandsecurely.
AndrewMcCulloughHewlettPackardEnterpriseSecurityConsultant
4 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Agenda
DIGITALAGE
DIGITALENABLER
DIGITALRESILIENCE
1
2
3
5 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Agenda
DIGITALAGE1
6 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
DigitalAge
SystemsofEngagement&Interaction
SystemsofControl
SystemsofRecord
MonetizeInteraction
User/Consumerisking
Atoms
Bits
Photons
Digital
7 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Fullyinterconnectedworld
2020
7.6Billionworldpopulation1
100Billionconnecteddevices1
1 HPEInternalResearch
Cybersabotageinthephysicalworldisareality
Identityisthenewperimeter“Usersjustwanttoaccessdata”
FullyInterconnectedsupplychainsmeansinterconnectedusers&risks
IoTattacksurfacecanbeusedtolaunchmassivescaleattacks
8 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Agenda
DIGITALENABLER2
9 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
SecurityasaDigitalEnabler?
Betterinteraction(CX) MoreinteractionsSourceofdifferentiation
– Privacyandsecurityfocus
– Customer’schoice
– Adaptive
– Biometrics
– Federated
– Socialmedia
Attractandretainmorecustomers|Chargepremiumforprivacy/security
10 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Example:EnablethebusinesswithbettercustomerexperienceIdentityFederation
Tweet:TheloyaltypointsfromthepurchaseIdidlastWednesdayweren’tcreditedyet
Tweet:Thankyou!
Tweet:Apologiesfortheinconvenience.Justcreditedtherespective325points.
Retail
Tweet:Ijustmissedmyflight
Tweet:Perfect!
Tweet:Mr.Smith,Ijustrebookedyourflight.Pleaseproceedtogate9.Yourflightdepartsin40minutes.
TravelandTransportation
11 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Today’sDigitalEnterpriseNeedsaNewStyleofProtection
Traditional
Ultimatestate – Impregnable
Messaging – Fear,uncertainty, doubt
Businessproximity – None
Accountabilityandleadership – IT/risk department
Focus – Perimeterandinformation
Approach – Complicate,obstruct,sayno
SOCfocus – Regional,isolated,servers,network&securitydevices
ProtectYourDigitalEnterprise– Assumeastateofcompromise.Digitalresilience– Stopexfiltrationandbusiness disruption– Detectearly.Quickandeffectiveresponse
– Confidence,Assurance, Visibility,preparedtorespond
– Enabler.Providerofbusinessoutcomes
– Board,CEO,business
– Protect yourmostcriticalassetsandtheinteractionsbetweenthem, regardlessofdevice orlocation
– UseaRiskBasedApproachtoaddresscybermaturitygaps– Includes valuechainandvaluecreationecosystem
– Lean,agile. Maximizeinteractionopportunitiesatlowestrisk
– FullCyberSituational Awareness– Global,sharingthreat intelligence– AlldevicesincludingICS/SCADA
12 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Agenda
DIGITALRESILIENCE3
13 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
UnderstandToday– CyberMaturityReview(CMR)
CyberDefense (CD)
14 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Acceleratetomorrow– CyberReferenceArchitecture
12intotal
63intotal345intotal
CyberDefense (CD)
Risk&ComplianceManagement(RCM)
ResilientWorkforce(RW)
Strategy,Leadership
&Governance(SLG)
SecurityResilientArchitecture(SRA)
PhysicalSecurity(PS)
SecurityResilientArchitecture(SRA)
CyberDefense (CD)
IdentityandAccess
Management(IAM)
InfrastructureandEndpointSecurity(IES)
ApplicationsSecurity(AS)
DataProtectionandPrivacy
(DPP)
ConvergedSecurity(CS)
RiskandComplianceManagement(RCM)
ResilientWorkforce(RW)
SecurityOrchestrationandManagement(SOM)
Strategy,Leadership
andGovernance(SLG)
Domain
Sub -domain
Sub -domain
Capability
Capability
Capability
Capability
Cyberdefenseblueprint
Identityandaccess
managementblueprint
Infrastructureandendpoint
securityblueprint
Applicationssecurityblueprint
Dataprotectionandprivacy
securityblueprint
Resilientworkforceblueprint
Riskandcompliancemanagementblueprint
Cloudsecurityblueprint
(consumption)
Cloudsecurityblueprint(provider)
Internetofthingssecurityblueprint
Connectedvehiclesecurity
blueprint
Industrialcontrolsystemssecurity
blueprint
GDPRsecurityblueprint
Collaborationsecurityblueprint
Mobilitysecurityblueprint
Framework
Highlystructuredandgranular
SingleDomain
MultiDomain
15 Blueprints
15 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Don’tMissOurINTERACTIVESecurityDemoExperience!
SNEAKPEEK!
World®’16©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD15
16 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Questions?
17 ©2016CA.ALLRIGHTSRESERVED.@CAWORLD#CAWORLD
Stayconnectedatcommunities.ca.com
Thankyou.
@CAWORLD#CAWORLD ©2016CA.AllRIGHTSRESERVED.18 @CAWORLD#CAWORLD
Security
FormoreinformationonSecurity,pleasevisit:http://cainc.to/EtfYyw