Security Operations Update


Presentation on theme: "Security Operations Update"— Presentation transcript:

1 Security Operations Update
{Month/Year} CONFIDENTIAL

2 Agenda
- Security Program News: updates from last meeting; recent developments; concerns
- Security Operations Metrics: security operations; audit and compliance; risk drivers (people, process, technology)
- Projects: completed, ongoing, new; effect on risk metrics and controls
- Looking Forward: next X days

3 Security Program News {This will cover anything new that has occurred since your previous update.}

4 Since the Last Meeting
- Action items (if any, from last meeting)
- Security environment changes
- Business developments
- Industry or regulatory developments
- Concerns: high level – reasons will be discussed in following section

5 Security Operations Metrics
{There are more metrics slides here that you will want to use. They are meant to be illustrative of how to show security operations performance, risk and controls.}

6 Security Operations Metrics
Scorecard: Consistent (meeting over meeting) security metrics without jargon. Current measure, status and trend for all metrics. Adjust these metrics for your environment. There should be a governing security KRI.

7 Security Operations Metrics
- Governing security KRI trend
- Explanation (next slides): organizational risk contributors; risk metrics and drivers
- Easy-to-spot risk trend

8 Security Operations Metrics
Risk Contributors: Where in the organization is risk concentrated? Metrics breakdown by organization contributor. Use the same metrics as on the scorecard.

9 Security Operations Metrics
Risk Matrix: An alternative view of overall risk contribution.
[Figure: risk matrix with axes LIKELIHOOD and IMPACT, scale HIGH to LOW; organization units plotted: SUPPORT SERVICES, CORE SERVICES, MARKETING, MANUFACTURING, DEVELOPMENT, EXECUTIVE, ADMIN, HARDWARE]
Metrics breakdown by organization contributor.
Focus attention on business problem area.

10 Audit and Compliance
- Included in risk scorecard
- Compliance challenges
- Last audit: mm/dd/yy by ___________
- Significant findings
[Chart: Compliance Metric (% controls, findings, etc.)]

11 Risk Drivers: People
Observation: Rate of severity for outbound access has been increasing over the past week
Metric: Event severity trend
Actions Taken: Improved rules in defenses, but increase still occurring
Suggestion: Target people with highest risk profile and have them go through a training course
Clear indication of trend over time.

12 Risk Drivers: Process
Observation: Time to patch has reduced
Metric: Compliance by Department
Actions Taken: Analyzed which org units were most behind
Suggestion:
- Internal training
- Meeting with middle management to get buy-in for employee machine reboots, stronger enforcement of security patch reboots
Show Process Metrics by organization/function

13 Risk Drivers: Controls
Identify Protect Detect Respond Recover Total Devices 5 9 6 2 22 Apps 4 Networks 7 8 33 Data 1 16 Users 17 25 13 10 75/250
Observation:
- Risk controls concentrated on network, devices and data
- Users and apps largely unprotected
- Limited response and recovery capabilities
Metric: Cyber defense matrix (defense in depth)
Actions Taken: Implemented end-point protection on devices
Suggestion:
- Address users and apps next
- Then work on improving overall control maturity
Ratings represent technologies and processes.
Scores can also be plotted over time.

14 Projects {These should align to the metrics shown and objectives discussed.}

15 Project Status
Columns: Project, Status, Date, %, Compliance, Controls, Metric(s)
- Network Segmentation: Complete, 1/1/17, 100, PCI DSS Scoping NW - Prot
- Corporate Intrusion Protection System (IPS): In Progress, 4/1/17, 50, CSC 12 Defenses
- BigFix Endpoint Management: 6/1/17, 25, PCI Dev – Det/Prot Defenses Surface Area
Maps to Risk Metrics Report
Maps to Risk Drivers – Controls Table

16 Looking Forward {What to expect by the next update.}

17 Next X Days
- Business operations impact(s): Project 1; Project 2; Other
- Training: Type (security awareness, phishing, etc.); Dates; Participants (vendor, departments, executives, others)
- Audits / GAP analysis: Type (SSAE 16, PCI, FFIEC, ISO, etc.); Dates (audit, report, etc.)

18 Backup

19 What You Should Not Do
Technical Jargon Statistics No Business Context

