Security Operations Update

Presentation transcript:

Security Operations Update {Month/Year} CONFIDENTIAL

Agenda: Security Program News (updates from last meeting; recent developments; concerns). Security Operations Metrics (security operations; audit and compliance; risk drivers: people, process, technology). Projects (completed, ongoing, new; effect on risk metrics and controls). Looking Forward (next X days).

Security Program News {This will cover anything new that has occurred since your previous update.}

Since the Last Meeting: Action items (if any, from last meeting); security environment changes; business developments; industry or regulatory developments; concerns (high level – reasons will be discussed in following section).

Security Operations Metrics {There are more metrics slides here that you will want to use. They are meant to be illustrative of how to show security operations performance, risk and controls.}

Security Operations Metrics Scorecard: Consistent (meeting over meeting) security metrics without jargon. Current measure, status and trend for all metrics. Adjust these metrics for your environment. There should be a governing security KRI.

Security Operations Metrics: Governing security KRI trend. Explanation (next slides): organizational risk contributors; risk metrics and drivers. Easy-to-spot risk trend.

Security Operations Metrics Risk Contributors: Where in the organization is risk concentrated? Metrics breakdown by organization contributor. Use the same metrics as on the scorecard.

Security Operations Metrics Risk Matrix: An alternative view of overall risk contribution. Metrics breakdown by organization contributor. Focus attention on business problem area. [Figure: risk matrix with axes LIKELIHOOD and IMPACT, scale HIGH to LOW; plotted contributors: SUPPORT SERVICES, CORE SERVICES, MARKETING, MANUFACTURING, DEVELOPMENT, EXECUTIVE, ADMIN, HARDWARE.]

Audit and Compliance: Included in risk scorecard. Compliance challenges. Last audit: mm/dd/yy by ___________. Significant findings. Compliance Metric (% controls, findings, etc.).

Risk Drivers: People. Observation: Rate of severity for outbound access has been increasing over the past week. Metric: Event severity trend. Actions Taken: Improved rules in defenses, but increase still occurring. Suggestion: Target people with highest risk profile and have them go through a training course. Clear indication of trend over time.

Risk Drivers: Process. Observation: Time to patch has reduced. Metric: Compliance by Department. Actions Taken: Analyzed which org units were most behind. Suggestion: Internal training; meeting with middle management to get buy-in for employee machine reboots; stronger enforcement of security patch reboots. Show Process Metrics by organization/function.

Risk Drivers: Controls. Identify Protect Detect Respond Recover Total Devices 5 9 6 2 22 Apps 4 Networks 7 8 33 Data 1 16 Users 17 25 13 10 75/250. Observation: Risk controls concentrated on network, devices and data; users and apps largely unprotected; limited response and recovery capabilities. Metric: Cyber defense matrix (defense in depth). Actions Taken: Implemented end-point protection on devices. Suggestion: Address users and apps next, then work on improving overall control maturity. Ratings represent technologies and processes. Scores can also be plotted over time.

Projects {These should align to the metrics shown and objectives discussed.}

Project Status Maps to Risk Metrics Report Project Status Date % Compliance Controls Metric(s) Network Segmentation Complete 1/1/17 100 PCI DSS Scoping NW - Prot Corporate Intrusion Protection System (IPS) In Progress 4/1/17 50 CSC 12 Defenses BigFix Endpoint Management 6/1/17 25 PCI Dev – Det/Prot Defenses Surface Area Maps to Risk Drivers – Controls Table

Looking Forward {What to expect by the next update.}

Next X Days Business operations impact(s) Training Project 1 Type (security awareness, phishing, etc.) Project 2 Audits / GAP analysis Dates Type (SSAE 16, PCI, FFIEC, ISO, etc.) Other Participants (vendor, departments, executives, others) Dates (audit, report, etc.)

Backup

What You Should Not Do Technical Jargon Statistics No Business Context