Presentation is loading. Please wait.

Presentation is loading. Please wait.

Www.QinetiQ-NA.com © QinetiQ North America, Inc. 2010 QinetiQ North America, Inc. 1 Implementing an Enterprise Security Framework – Safeguarding Your Most.

Similar presentations


Presentation on theme: "Www.QinetiQ-NA.com © QinetiQ North America, Inc. 2010 QinetiQ North America, Inc. 1 Implementing an Enterprise Security Framework – Safeguarding Your Most."— Presentation transcript:

1 © QinetiQ North America, Inc QinetiQ North America, Inc. 1 Implementing an Enterprise Security Framework – Safeguarding Your Most Important Assets Ernest Doring QinetiQ-North America September 2010

2 © QinetiQ North America, Inc QinetiQ North America, Inc. Several factors make information security a growing concern for today’s organizations … Increased Automation: With significant reductions in the size of government, organizations are increasingly conducting business processes through network- based information environments. More critical information is being put on-line and is potentially exposed to greater risk. Increased network vulnerability: IT environments in many organizations are evolving into relatively open architectures. This potentially simplifies an attacker’s problem and increases system vulnerability. Increased cyber threat: Burgeoning technology has given rise to a new generation of computer intruders possessing a wide array of advanced intrusion tools which can inflict damage to a degree that formerly was the exclusive purview of nations. This means more chances for unauthorized users to successfully attack your systems. 2

3 © QinetiQ North America, Inc QinetiQ North America, Inc. … Add to that the Demands on IT & Security … Increased Competitive Pressures Better Efficiency and Consistency Increased Demand from Stakeholders More Regulations Eliminate Redundancy Increase Transparency and Accountability Increasing Demands on IT and Security 3

4 © QinetiQ North America, Inc QinetiQ North America, Inc. …Resulting in Organizations Asking the following Questions 4  Are our Information security initiatives aligned with our business needs?  Are our customers’ and business partners’ information security initiatives and requirements compliant and compatible with ours?  Are our information security practices providing adequate assurance to meet regulation or compliance requirements?  Are we perceived as a responsive organization meeting the needs of our stakeholders, our customers, and trading partners?  Do our information security controls align with industry-related and internationally accepted guidelines?  Are we aware of our security risks and are they being effectively managed?  Are we measuring the effectiveness of our information security Investments?

5 © QinetiQ North America, Inc QinetiQ North America, Inc. … But There is No Silver Bullet Solution SECURE SYSTEMS PROCESSTECHNOLOGY PEOPLE Systems Expert Security Expert Systems IA Expert 5

6 © QinetiQ North America, Inc QinetiQ North America, Inc. … So What Can Be Done? … Enterprise Security Framework Framework leads to an effective and efficient means to evaluate, design, implement, and sustain your security program 6

7 © QinetiQ North America, Inc QinetiQ North America, Inc. Enterprise Security Framework Benefits Provides increased efficiency and economy of security throughout the organization Provides the ability to ensure centralized enforcement and oversight and decentralized management The central level element helps to coordinate and manage use of limited security-related resources throughout the organization Ensure that mechanisms are in place to provide coordination and unity of action between the central and the system level components Ensures appropriate and cost-effective security for each system Together, the multilevel components of an enterprise-wide IT security program will protect an organization’s valuable information resources 7


Download ppt "Www.QinetiQ-NA.com © QinetiQ North America, Inc. 2010 QinetiQ North America, Inc. 1 Implementing an Enterprise Security Framework – Safeguarding Your Most."

Similar presentations


Ads by Google