Data-Centric Security Framework

15
DATA-CENTRIC SECURITY FRAMEWORK Matt Bossom – Program Manager

description

Data-Centric Security Framework. Matt Bossom – Program Manager. What Keeps You Awake at Night. C. C. C. C. Compliance. Are there regulatory risks?. Critical Infrastructure. Competitive Advantage. Are insiders creating vulnerabilities? Are intruders gaining access and removing data?. - PowerPoint PPT Presentation

Transcript of Data-Centric Security Framework

Page 1: Data-Centric Security Framework

DATA-CENTRIC SECURITY FRAMEWORK

Matt Bossom – Program Manager

Page 2: Data-Centric Security Framework

What Keeps You Awake at NightCompliance

Corporate Governance

CriticalInfrastructure

Are there regulatory risks?

Do employees respect and adhere to internal policies and controls?

Are insiders creating vulnerabilities?

Are intruders gaining access and removing data?

Competitive AdvantageAre insiders putting the organization at risk?Are you better able to protect your customers’ and partners’ data?

Page 3: Data-Centric Security Framework

Data Loss is Expensive• $204 Per Consumer Record • $600 Billion IP Theft a Year Globally• Across all industries, data loss is challenging

Page 4: Data-Centric Security Framework

COST OF DATA BREACHESAVERAGE TOTAL PER-INCIDENT COST

2005 2006 2007 2008 2009$0.00

$1.00

$2.00

$3.00

$4.00

$5.00

$6.00

$7.00

$4.54 $4.79

$6.35 $6.65 $6.75

$Mil

Ponemon Institute 5th Annual US Cost of Data Breach Study

Page 5: Data-Centric Security Framework

COST OF DATA BREACHESCOST PER COMPROMISED RECORD

2005 2006 2007 2008 2009$0

$50

$100

$150

$200

$250

$138

$182

$197 $202 $204

Ponemon Institute 5th Annual US Cost of Data Breach Study

Page 6: Data-Centric Security Framework

Complexities

Where is the Data

“The big issue is knowing where the information is in the first place.“ John Geater

Bridging the gap between RCM and Data Protection

Page 7: Data-Centric Security Framework

DLP PROJECTS ARE COMPLEX….

Data Identification

Actionable Auditing Policy Design Policy

Implementation

WEBSENSE

Data Discover

WEBSENSE

Data Monitor

Quick Start Services

Policy Tuning Services

Deployment ServicesProduct Evaluation

How is my data used? Where is my data going? Is it violating my policies

or external regulations?

How is it leaving?

Where is my data?

How much is there?

Is it at risk?

How do I enforce inline with business processes?

How do I extend policies across the network and to remote workers?

Page 8: Data-Centric Security Framework

CHARACTERISTICS OF A SUCCESSFUL DLP PROGRAM

Executive level sponsorship and involvement to successfully protect data, change business processes and shape employee behavior

Cross-functional teams of business, legal and technical staff focused on a comprehensive program to reduce risk across the enterprise

A prioritized approach - confidential data has many forms and many locations - target the most critical data first

A trained Incident Response Team (IRT)

Clearly defined roles, responsibilities, and procedures

Employee education to enforce data protection policies

Page 9: Data-Centric Security Framework

DLP Analysis

Who are yourusers?

Who are thedata stakeholders?

Who should/notuse your data?

Data

What type of datado you have?

Where is yourdata located?

What is the valueof your data?

What communicationchannels are in use?

What are your datasecurity policies?

What are good/baddata processes?

People Process

Page 10: Data-Centric Security Framework

Accuvant: Complete Data Protection

Protection and Compliance

Phased deployment path to complete data protection

Block unauthorized devices

Encrypt laptops

Monitor and secure all data routes

Discover and Classify Data

Audit and Forensics

Page 11: Data-Centric Security Framework

DLP RISK ASSESSMENT

• Architectural-level examination of the enterprise environment• Assess current state of data security• Focus on industry best practices and applicable regulations

(e.g., PCI, HIPAA, GLBA, SOX)• Identify potential enterprise risks and exposures• Propose opportunities for improvement and mitigation• Utilize DLP kit for data monitoring and analysis

Understand your organization’s current exposure to data loss and then design a DLP strategy

Page 12: Data-Centric Security Framework

Control Framework

Policy and Awareness

Assessments

AuditTreatRisks

ImproveControls

AutomateControls

RiskAssessment

Partners/Customers

Regulations

World Class Expertise

Business Need: Understand risks to the business with regard to credit card information

residing on laptops across the company.

Solution: Accuvant found over 240,000 files containing credit card numbers and 70,000

sensitive files identified and tagged

Delivered detailed findings report (e.g., end users had sensitive information sprawled throughout disk drives)

Reduced risk by having end users delete or encrypt the sensitive files identified

Implemented a new security education program

Case Study – Fortune 500 Retailer

Page 13: Data-Centric Security Framework

Control Framework

Policy and Awareness

Assessments

AuditTreatRisks

ImproveControls

AutomateControls

RiskAssessment

Partners/Customers

Regulations

World Class Expertise Business Need:

Driven by compliance requirements associated with SB 1386, Personally Identifiable Information (PII)

Driven by a State of CA Mandate tied specifically to Medi-Cal data

Solution: Accuvant assisted with the vendor evaluation and proof of concept Data lifecycle management was performed to locate critical data assets and

create sensitive data classification levels Data discovery exercise was completed to identify unknown data stores and

develop data ownership matrix Implemented a DLP solution with a phased approach, starting with network,

endpoints and then data shares

Case Study – Largest County in US

Page 14: Data-Centric Security Framework

WHY ACCUVANT TS SERVICES?

World Class Experience - Mature, very well-rounded team - Combining Information Security expertise with RCM focus - Insight into multi-vendor solutions - Industry known – authors and speakers

Why Accuvant

Page 15: Data-Centric Security Framework

QUESTIONS?