Transcript Slide 1

DATA-CENTRIC SECURITY
FRAMEWORK
Matt Bossom – Program Manager
What Keeps You Awake at Night
Compliance
Are there regulatory risks?
Critical
Infrastructure
Competitive
Advantage
Are insiders creating
vulnerabilities?
Are insiders putting
the organization at risk?
Are intruders gaining access
and removing data?
Are you better able to protect
your customers’ and
partners’ data?
Corporate Governance
Do employees respect and adhere
to internal policies and controls?
Data Loss is Expensive
• $204 Per Consumer Record
• $600 Billion IP Theft a Year Globally
• Across all industries, data loss is challenging
COST OF DATA BREACHES
AVERAGE TOTAL PER-INCIDENT COST
$6.35
$7.00
$6.65
$6.75
$6.00
$5.00
$4.54
$4.79
$4.00
$Mil
$3.00
$2.00
$1.00
$0.00
2005
2006
2007
Ponemon Institute 5th Annual US Cost of Data Breach Study
2008
2009
COST OF DATA BREACHES
COST PER COMPROMISED RECORD
$250
$197
$202
$204
$182
$200
$138
$150
$100
$50
$0
2005
2006
2007
Ponemon Institute 5th Annual US Cost of Data Breach Study
2008
2009
Complexities
Where is the
Data
“The big issue is knowing
where the information is in
the first place.“ John Geater
Bridging the gap between RCM
and Data Protection
DLP PROJECTS ARE COMPLEX….
Data
Identification
Actionable
Auditing
Policy
Implementation
Policy Design
Deployment Services
Quick Start Services
Product Evaluation
Policy Tuning Services



How is my data used?
Where is my data going?

How do I enforce
inline with
business
processes?

How do I extend
policies across the
network and to
remote workers?
WEBSENSE

Data my
Is it violating
Monitor
policies or external
regulations?
WEBSENSE
Data
How isDiscover
it leaving?

Where is my data?

How much is there?

Is it at risk?
CHARACTERISTICS OF A SUCCESSFUL DLP
PROGRAM
 Executive level sponsorship and involvement to successfully protect
data, change business processes and shape employee behavior
 Cross-functional teams of business, legal and technical staff focused
on a comprehensive program to reduce risk across the enterprise
 A prioritized approach - confidential data has many forms and many
locations - target the most critical data first
 A trained Incident Response Team (IRT)
 Clearly defined roles, responsibilities, and procedures
 Employee education to enforce data protection policies
DLP Analysis
People
Data
Process
Who are your
users?
What type of data
do you have?
What communication
channels are in use?
Who are the
data stakeholders?
Where is your
data located?
What are your data
security policies?
Who should/not
use your data?
What is the value
of your data?
What are good/bad
data processes?
Accuvant: Complete Data Protection
Phased deployment path to complete data protection
Encrypt
laptops
Block
unauthorized
devices
Discover and
Classify Data
Monitor and
secure all data
routes
Protection and Compliance
Audit and
Forensics
DLP RISK ASSESSMENT
Understand your organization’s current exposure to data
loss and then design a DLP strategy
• Architectural-level examination of the enterprise environment
• Assess current state of data security
• Focus on industry best practices and applicable regulations
(e.g., PCI, HIPAA, GLBA, SOX)
• Identify potential enterprise risks and exposures
• Propose opportunities for improvement and mitigation
• Utilize DLP kit for data monitoring and analysis
Case Study – Fortune 500 Retailer
World Class Expertise
 Business Need:
 Understand risks to the Regulations
businessControl
with regard to credit card information
residing on laptops across
the company.
Framework
Partners/
Customers
Policy
 Solution:
and Awareness
Risk
 Accuvant found over
240,000
files
containing
credit card numbers and 70,000
Assessment
sensitive files identified and tagged
Automate
detailedControls
findings
Assessments
 Delivered
report (e.g., end users had sensitive information
sprawled throughout disk drives)
Audit
 Reduced risk by
identified
Improve
Treat
havingControls
end usersRisks
delete
or encrypt the sensitive files
 Implemented a new security education program
Case Study – Largest County in US
World Class Expertise
 Business Need:
 Driven by compliance requirements
associated with SB 1386, Personally
Regulations
Control
Identifiable Information (PII)
Framework
Partners/
 Driven by a State ofCustomers
CA Mandate tied specifically to Medi-Cal data
Risk
Policy
and Awareness
 Solution:
Assessment
 Accuvant assisted with the vendor evaluation and proof of concept
Automate
Assessments
 Data lifecycle management
was performed to locate critical data assets and
Controls
create sensitive data classification levels
Audit
Treat
 Data discovery exerciseImprove
was completed
to identify unknown data stores and
Controls
Risks
develop data ownership matrix
 Implemented a DLP solution with a phased approach, starting with network,
endpoints and then data shares
Why Accuvant
World Class Experience
- Mature, very well-rounded team
- Combining Information Security expertise with RCM focus
- Insight into multi-vendor solutions
- Industry known – authors and speakers
WHY ACCUVANT TS SERVICES?
QUESTIONS?