DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer...
Transcript of DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer...
![Page 1: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/1.jpg)
1
DIGITAL RISK MANAGEMENT
C O N F I D E N T I A L
Andy Waterhouse
EMEA Presales Director
Twitter : @Andy_J_W
![Page 2: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/2.jpg)
2
DIGITAL TRANSFORMATION
![Page 3: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/3.jpg)
3
D I G I TA L I T W O R K F O R C E S E C U R I T Y
TRANSFORMATION
![Page 4: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/4.jpg)
4 T R A D I T I O N A L B U S I N E S S R I S K D I G I TA L R I S K
WITH DIGITAL TRANSFORMATION,DIGITAL RISK IS THE GREATEST FACET OF RISK THAT BUSINESSES FACE
D I G I TA L A D O P T I O N
RIS
K
LOW
HIGH
MEDIUM
![Page 5: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/5.jpg)
5
By 2020, 60% of digital businesses
will suffer major service failures,
due to the inability of IT security
teams to manage digital risk.
– Gartner
60%
![Page 6: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/6.jpg)
66
G R CI T S E C U R I T Y
? ??
C E O /
B O A R D
M A L I C E M A N D AT E SM O D E R N I Z AT I O N
![Page 7: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/7.jpg)
77
G R CI T S E C U R I T Y
D I G I TA L R I S K
? ??
C E O /
B O A R D
VISIBILITY
VINSIGHTS
IACTION
A
![Page 8: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/8.jpg)
88
SECURITY
OPERATIONS
V
I
A
USER
ACCESS
V
I
A
RISK
MANAGEMENT
V
I
A
CRITICAL DOMAINSF o r M a n a g i n g C o m p l e x C h a l l e n g e s
![Page 9: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/9.jpg)
99
V I S I B I L I T Y
▪Users, devices, endpoints, infrastructure, and
applications
▪Data from all pieces of their infrastructure
including physical offices, virtual data centers and
public clouds
▪Make sense of large data sets – Metadata
I N S I G H T S
▪Overlay Threat Intelligence onto the data they
collect
▪Variety of Detection Rules and User and Entity
Behavioral Analytics
▪Connect various pieces of seemingly disparate
events to gain insight into targeted campaign
A C T I O N
▪Quickly investigate incidents with detail all the
way down to the user and machine to
understand root cause
▪Orchestrate and automate repetitive
investigations
V
I
A
V
A
V
A
SECURITY OPERATIONS
REQUIREMENTS
![Page 10: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/10.jpg)
1010
V I S I B I L I T Y
▪Engage cross functionally to set a wide aperture
of risk
▪Feed with the business' objectives, assets,
resources and third party relationships
▪ Integrate a diverse and broad set of data sources
I N S I G H T S
▪Weigh identified risks against business context
▪ Leverage past incidents to help predict/prevent
future incidents
▪Develop a unified analysis of risk across risk
domains
A C T I O N
▪Track the steps, workflow, accountability and
status of risk response actions
▪Provide risk information back to the first line of
defense to enable better business decisions
▪ Incorporate root cause analysis to continuously
improve the process and risk outcomes
V
I
A
V
A
V
A
RISK MANAGEMENT
REQUIREMENTS
![Page 11: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/11.jpg)
1111
V I S I B I L I T Y
▪Quickly investigate incidents with detail all the way
down to the user and machine to understand root
cause
▪Orchestrate and automate repetitive investigations
I N S I G H T S
▪Understand typical and anomalous usage patterns
▪ Identify new “good” patterns to establish new
baselines
A C T I O N
▪Challenge a user’s identity or transaction based
on new context and insights
▪Capabilities to terminate or limit a user’s access
V
I
A
V
A
V
A
USER ACCESS
REQUIREMENTS
![Page 12: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/12.jpg)
1212
SECURITY
OPERATIONS
V
I
A
USER
ACCESS
RISK
MANAGEMENT
CROSS DOMAIN REQUIREMENTS
V
I
A
V
I
A
![Page 13: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/13.jpg)
13
NEW REQUIREMENTS
A unified, phased approach to provide visibility, insights, and action to manage digital risk
![Page 14: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/14.jpg)
14
SECURITY
OPERATIONS
V
I
A
USER
ACCESS
V
I
A
RISK
MANAGEMENT
V
I
A
![Page 15: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/15.jpg)
1515
SECURITY
OPERATIONS
V
I
A
USER
ACCESS
V
I
A
RISK
MANAGEMENT
V
I
A
V A
I
CROSS DOMAIN
EXAMPLE: Pul l ing
Bus iness Impac t
Ana lys is in Secur i t y
Opera t ions
▪Security Operations teams (responsible
for Exclusion) are short staffed and
overwhelmed by alerts
▪Pulling BIA from Risk Management into
the SIEM can inform prioritization of both
Visibility (what do I need to monitor) and
Action (how do I respond to threats)
What to Monitor
How to Respond
![Page 16: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/16.jpg)
1616
SECURITY
OPERATIONS
V
I
A
USER
ACCESS
V
I
A
RISK
MANAGEMENT
V
I
A
V A
I
▪ IAM provides visibility of access request
▪UEBA flags as abnormal and triggers
action (step up auth) within IAM system
CROSS DOMAIN
EXAMPLE: UEBA
app l ied to IAM
Normal Access Request
Abnormal Usage; Step-up Authentication
![Page 17: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/17.jpg)
1717
SECURITY
OPERATIONS
V
I
A
USER
ACCESS
V
I
A
RISK
MANAGEMENT
V
I
A
V A
CROSS DOMAIN
EXAMPLE: Al ign ing
Consumer Fraud w i th
I nc iden t Management
▪User Access feeds adaptive
authentication case management data
into Risk Management
▪Risk Management builds Incident
Management workflow and feeds into
User Access platform
IIncident Management
Workflow
Adaptive Auth
data / rules
![Page 18: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/18.jpg)
18
G R CI T S E C U R I T Y
D I G I TA L R I S K
? ??
C E O /
B O A R D
VISIBILITY
VINSIGHTS
IACTION
A$ VALUE
![Page 19: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/19.jpg)
19
LOS ANGELES WORLD AIRPORTSCustomer – Owner and Manager of LAX and Van Nuys Airports
Issue
▪ Disparate threat intelligence, IT,
Risk data
Solution
▪ RSA NetWitness Suite
▪ RSA Archer Suite
▪ Bring immediate context to security
events from a single dashboard
Outcome
Improved quality and speed for
incident response and recovery“We need to make sure that our security posture consistently
mirrors the needs of the organization…
RSA understands the importance of this connection and provides
us with the solutions that ensure that our security strategy is
always driven by our business objectives.”
- Anson Fong, CISO
![Page 20: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/20.jpg)
20
INFOSYSCustomer – International IT Firm
Issue
▪ Secure Access for 200,000
employees
▪ Nearly 100 log-types used for
several different purposes
▪ Complex, multinational
compliance requirements
Solution
▪ RSA SecurID Suite
▪ RSA NetWitness Suite
▪ RSA Archer Suite
Outcome
Greater impact and effectiveness
of security and compliance
operations
“My goal is to leverage automation as much as possible, while at
the same time, to push both visibility and accountability
throughout the organization.”
“RSA is one of the key partners I use to ensure that my
organization accurately supports the company’s business goals.”
- Vishal Salvi, CISO and SVP
![Page 21: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/21.jpg)
21
DIGITAL RISK MATURITYM
AT
UR
IT
Y
INFORMATION
TECHNOLOGY
SECURITY
OFFICE
RISK MGT /
COMPLIANCE
OFFICE
BOD /
EXECS
▪Siloed
▪Ad Hoc, Reactive
▪Trigger Events
▪Tactical POV
▪Managed
▪Platform Approach
▪Pervasive Visibility
▪ Leverage Technology
▪ Integrate Silos
▪Optimized
▪Sharing and Collaborating Across Silos
▪ Integrated business & risk context
▪Priorities and resources aligned with risk and business objectives
![Page 22: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/22.jpg)
22
MATURITY IN FOUR KEY AREAS
* Sourced from ARMA International Generally Accepted Recordkeeping Principles
RSA Risk and Cybersecurity Practice
Ability to identify sophisticated attacks & breaches, lateral movement, initial impact
and effectively respond with a cross functional response
Risk is considered from perspective of loss events, opportunity costs and enhancing
likelihood of achieving objectives and executing strategy. Risk taking decisions
are proactive
Business context is completely infused into compliance processes and technology.
Monitoring capabilities alert stakeholders to impactful regulatory changes
Integrated information governance into corporate infrastructure and business
processes to such an extent that compliance with program requirements and legal, regulatory, and other responsibilities
are routine
Ability to identify commodity malware, some breaches, some lateral movement, basic
initial impact and respond with a somewhat coordinated cross functional response
Management has information needed to understand complete context of risk. More
informed decisions made and accountability established but decision process is still
manual
System of record in place to manage full lifecycle of compliance activities.
Stakeholders collaboratively define processes and policies; remediation
activities are consistently monitored and reported
Established proactive information governance program with continuous improvement. Information governance
issues and considerations routinely integrated into business decisions
Limited ability to identify commodity malware, some breaches, some lateral
movement, basic initial impact and limited ability to respond
Agreement on risk management terminology, rating scales and assessment
approach is established. Little business context is available and responsibility for each risk and control is not always clear
Operational standards and a comprehensive compliance catalog are developed. Some
activity focused on improving effectiveness and stabilize processes with limited scope
Developing recognition that information governance has impact on organization and
benefits from more defined program. Still vulnerable to scrutiny of legal or business
requirements
No ability to detect threats against the organization and no ability to respond when
attacked
Baseline activities are in place to manage risk but are isolated and fragmented.
Beginning to obtain visibility into assessed level of inherent and residual risk but
accountability is ad hoc
Organization understands broad compliance obligations but each area manages separately. Control performance is
assessed ad hoc or as part of external audit
Information governance and recordkeeping concerns are not addressed at all, minimally or ad hoc. Will not meet legal or regulatory scrutiny or effectively server the business
CYBER INCIDENT RISK MGT 3RD PARTY GOVERNANCE DATA PRIVACY RISK DIGITAL BUSINESS RESILIENCY
MA
TU
RIT
Y
![Page 23: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/23.jpg)
23
RSA RISK FRAMEWORKS:Cyber-Breach Risk Framework: ABC Financial Services Company
Compliance Requirements
19 US State PII Laws, GDPR, PCI, & FINRA Member
Lowest Common Denominator Capabilities (partial list)
Security Plan, updated annually
Annual Audit Plan (PCI, Risk)
Maintaining event logs for 7 years
Real-time security event monitoring
Vulnerability scanning
72 Breach Notification
Maturity Qualification
Overall Score: 50.4 out of 100
Focus Breakdown:
Pre-Breach Planning
Operational Security
Dwell Time Reaction
Remediation
Post-incident Handling
Overall Breach Readiness
Average 10.8 per category, 3 points below average
5.7 out of 20
11.4 out of 20
8.5 out of 20
19.1 out of 20
5.7 out of 20
![Page 24: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/24.jpg)
24
RSA PORTFOLIO
▪ Modern Multifactor
Authentication
▪ Identity Governance &
Lifecycle Management
▪ Identity Risk
Management
▪ Convenient, Secure
Access & SSO
SECURE ACCESS
TRANSFORMED
EVOLVED SIEM AND
ADVANCED THREAT
DEFENSE
PROVEN
INTEGRATED RISK
MANAGEMENT
OMNI-CHANNEL
FRAUD
PREVENTION
▪ Visibility across logs,
network/packets,
endpoint
▪ Behavioral analytics for
accurate detection
▪ Orchestration and
automation to speed
response
▪ Monitoring across
Digital Consumer
Lifecycle
▪ Risk-based Adaptive
Authentication
▪ Integrated global Threat
Intelligence
▪ Balance security and
consumer experience
▪ IT Security Risk
Management
▪ Cyber Risk Quantification
▪ 3rd Party Risk
Management
▪ Compliance Management
▪ Operational Risk
Management
ADVANCED RISK AND
CYBER-DEFENSE
SERVICES
▪ Digital Risk Maturity
Assessment & Strategy
▪ Incident Response &
Cyber-Defense Services
▪ Comprehensive Design
and Implementation
▪ RSA University
▪ Customer Success
▪ RSA Communities
![Page 25: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/25.jpg)
25
RSA PARTNERSHIPS
400+ COMPANIES, 1000+ SOLUTIONS
![Page 26: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/26.jpg)
26
30,000+Customers
50+ millionIdentities
1 billionConsumers
400+Global Technology
Partners
RSA KEY STATS
94%
![Page 27: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/27.jpg)
27
UNIFIEDBusiness Risk
Management
ADAPTABLEAdvanced Security
Operations
TRUSTEDExpert Advisory
Services
RESILIENTSecure Modern
Infrastructure
Security Transformation
![Page 28: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/28.jpg)
28
A unified, phased approach to provide visibility, insights, and action to manage digital risk
![Page 29: DIGITAL RISK MANAGEMENT - networksunlimited.africa Digit… · RSA NetWitness Suite RSA Archer Suite Bring immediate context to security events from a single dashboard Outcome Improved](https://reader033.fdocuments.in/reader033/viewer/2022060223/5f07eaf07e708231d41f68a6/html5/thumbnails/29.jpg)
29C O N F I D E N T I A L
THANK YOU!
Andy Waterhouse
EMEA Presales Director
Twitter : @Andy_J_W