1. Welcome To Presentation on Holistic Information Security Management

2. Achieving Operational Excellence in Information Security Management

3. Agenda Part 1 Why we need security on operational basis- because current models are failing us Part 2 What does operational security entail- the new model of security management Part 3 How as full service managed security provider, we can assist you to set up and manage security on operational basis

4. Part 1- Why it is needed?

5. We cannot afford security breaches today 1.Today attacks are getting more financially motivated and with internal complicity Consequently, the financial losses are rising For breaches with proprietary/ customer data loss, the average cost is US $ 4.2 million (Data Breach survey 2009)

6. We cannot afford security breaches today 2. Growing consensus in International community on downstream liability You are liable for attacks launched off of your machines and networks. You can be sued if your security weakness allowed someone to launch an attack via your server or network upon a third party.

7. We cannot afford security breaches today 3. Customers, regulators and markets have become more demanding and punishing Over 2.5% of customers move out after disclosure of security incidents affecting them. Additionally, 40% of potential customers have apprehensions of opening business with the provider (Ponemon Institute) Regulations like SOX, Data Protection Act, Privacy rules create legal as well as personal liability. Share prices drop from 0.63% to 2.10% in value when a major breach is reported (Emory university survey)

8. 9.9% 11.8% 16.9% Investments in risk management are high.

9. Credit Card Breach Exposes 40 Million Accounts Bank Of America Loses A Million Customer Records Pentagon Hacker Compromises Personal Data Online Attack Puts 1.4 Million Records At Risk Hacker Faces Extradition Over 'Biggest Military Computer Hack Of All Time' Laptop Theft Puts Data Of 98,000 At Risk Medical Group: Data On 185,000 People Stolen Hackers Grab LexisNexis Info on 32000 People ChoicePoint Data Theft Widens To 145,000 People PIN Scandal 'Worst Hack Ever'; Citibank Only The Start ID Theft Hit 3.6 Million In U.S. Georgia Authority Hack Exposes Confidential Information of 570,000 Members Scammers Access Data On 35,000 Californians Payroll Firm Pulls Web Services Citing Data Leak Hacker Steals Online Shoppers' Personal Information Undisclosed Number of Verizon Employees at Risk of Identity Theft Credit Card Breach Exposes 40 Million Accounts Bank Of America Loses A Million Customer Records Mitsui Bank Hacker Compromises Personal Data Online Attack Puts 1.4 Million Records At Risk Hacker Faces Extradition Over 'Biggest Computer Hack Of All Time' Laptop Theft Puts Data Of 98,000 At Risk Wachovia Bank: Data On 185,000 Customers Stolen Hackers Grab LexisNexis Info on 32000 People Yet, Security Breaches Are Only Rising…

10. Breaches are spreading in Middle East also… December, 2005 Senior official manipulates systems for financial fraud A senior official has been charged with manipulation of ERP application… July, 2005 Banks hit by wave of hacking attacks … atleast two banks – NBD and Mashreqbank suspended some of its online banking services citing the threat of banking attacks…. May, 2006 ATM fraud forces banks to issue fresh cards to 1,100 customers Emirates Bank & Standard Chartered … June, 2006 HSBC customers hit by Phishing attack Internet users in the UAE are being warned to be on their guard following a massive phishing scam targeting HSBC customers…

11. Credit Card Breach Exposes 40 Million Accounts Bank Of America Loses A Million Customer Records Pentagon Hacker Compromises Personal Data Online Attack Puts 1.4 Million Records At Risk Hacker Faces Extradition Over 'Biggest Military Computer Hack Of All Time' Laptop Theft Puts Data Of 98,000 At Risk Medical Group: Data On 185,000 People Stolen Hackers Grab LexisNexis Info on 32000 People ChoicePoint Data Theft Widens To 145,000 People PIN Scandal 'Worst Hack Ever'; Citibank Only The Start ID Theft Hit 3.6 Million In U.S. Georgia Technology Authority Hack Exposes Confidential Information of 570,000 Members Scammers Access Data On 35,000 Californians Payroll Firm Pulls Web Services Citing Data Leak Hacker Steals Air Force Officers' Personal Information Undisclosed Number of Verizon Employees at Risk of Identity Theft Nearly 9 out of 10 businesses have suffered some form of security breach. (CSI/FBI survey) Worldwide, 51% of organizations faced some form of security failure last year (PC Mag) Clearly, Current Models are Failing Us..

12. Current Model Underlying Problem Security is not a one-time project with a beginning and an end. It requires continuous improvement comprising planning, executing, checking, and then taking further action. Achieving a particular state of security is no guarantee that it can be sustained.

13. Part 2- New Model: What it entails?

14. What we need now is new model for operational excellence- Holistic Continuous Integrated Business Focused

15. Business problem Technology problem Current Focus Desired Focus Firewalls Intrusion detection Viruses, worms Patch management Encryption Service interruption Customer privacy Business integrity Financial loss Regulatory compliance Business focus

16. From Point in time Assessments We require a new model that… To Continual Risk Aware System Point in Time Assessments Continual Risk Aware System

17. From Policy & Products We require a new model that… To Continual Mitigation System Point in Time Assessments Continual Risk Aware System Policy & Products Continual Mitigation System

18. From Security Administration We require a new model that… To Continual Threat, Vulnerability and Identity Management Point in Time Assessments Continual Risk Aware System Policy & Products Continual Mitigation System Security Administration Continual Threat, Vulnerability & Identity Management

19. From IT Assets We require a new model that… To Channels, Business And Process Risks Point in Time Assessments Continual Risk Aware System Policy & Products Continual Mitigation System Security Administration Continual Threat, Vulnerability & Identity Management

20. Our Integrated Model

21. Integrated Risk Management Components

22. Need for SOC IT systems have security weaknesses (Vulnerabilities) These weaknesses may be used for system compromise (Threats) In ideal scenario, security can be achieved if All vulnerabilities are removed at all times Or all threats are blocked at all times In practice, vulnerabilities and threats can be protected to degrees. For continuous security, it is essential to manage both Increasing vulnerabilities and threats require robust security operations Setup a Security Operations Center (SOC) to integrate multiple security functions and continuously manage operations

23. SOC Components Access Management Vulnerability Management Threat Management Security Operations Center (SOC) Automation & Integration of Security Operations

24. SOC Architecture

25. Workflows pre-defined in our response desk

26. SOC Benefits 24X7X365 management of security Proactive approach to security including early detection & mitigation of vulnerabilities and threats Integration of multiple security processes, heterogeneous platforms for higher efficiencies & effectiveness Centralized security operations resulting in better control and visibility Holistic approach to security as against piecemeal approach

27. Thank You epourmand@remisco.com