covits 2011 - the changing landscape of cyber-security...

COVITS 2011 - The Changing Landscape of Cyber-Security – Identity, Credential, and Access Management (ICAM)

On Tuesday, August 23rd at 1:51 PM…

—A magnitude 5.8 (Mw) earthquake occurred at 1:51 pm EDT (17:51 UTC) on August 23, 2011, at a depth of about 3.7 miles (6 kilometers) beneath the town of Mineral, Virginia, located approximately 27 miles (45 km) east of Charlottesville. The event is among the largest earthquakes recorded in the eastern United States.

— http://earthquake.usgs.gov/earthquakes/recenteqsww/Quakes/se082311a.php

Agenda

The Changing Landscape of Cyber-Security

Agenda

The Changing Landscape of Cyber-Security

Changing the Landscape of Cyber-Security… Mobile Devices and Social Networking –

7 Changing Landscape of Cyber-Security Copyright © 2011 CA

Cloud Computing … Changing the Cyber-Security Landscape

8 Changing Landscape of Cyber-Security Copyright © 2011 CA

Changing the Cyber-Security Landscape… Advanced Persistent Threat

9 Changing Landscape of Cyber-Security Copyright © 2011 CA

Changing the Cyber-Security Landscape… Identity Theft

10 Changing Landscape of Cyber-Security Copyright © 2011 CA

“Houston, We have a problem!”

Changing Landscape of Cyber-Security Copyright © 2011 CA 11

So we turn to tools and technology to solve problems

Changing Landscape of Cyber-Security Copyright © 2011 CA 12

Result: High Performance and Smooth Sailing

Changing Landscape of Cyber-Security Copyright © 2011 CA 13

The Cyber-Security Landscape is changing – ICAM stage 1 stovepipes

ICAM Stage 2 >

Privileges

Application

Credential

User Account

Authorization

Authentication

Privileges

Application

Credential

User Account

Authorization

Authentication

Privileges

Application

Credential

User Account

Authorization

Authentication

Privileges

Application

Credential

User Account

Authorization

Authentication

Privileges

Application

Credential

User Account

Authorization

Authentication

User Identities

Changing Landscape of Cyber-Security Copyright © 2011 CA 14

Centralized Entitlement and Access Management with Delegated Administration

ICAM Future - Centralized entitlement and access management

User Identity

Credential

Application Application Application

Authorization

Application Application Application

User Account

Authentication

Privileges

Application Application Application

Changing Landscape of Cyber-Security Copyright © 2011 CA 15

16 Changing Landscape of Cyber-Security Copyright © 2011 CA

Managing the Risk = Protecting the Data and Securing Access

Employees, Contractors

Customers

Privileged Users

Partners

We help you ensure the right people have the right access to the right information at the right time

You have to Authenticate People Services Devices

You have to Authorize Systems Applications Information use

You have to Report User/Service Activity Information Activity Privacy/Compliance

Web Services, API access

Mobile

Web Apps, SaaS Apps

Systems, Network

Email, IM, Social Net

Application Data

Shared Files

Private Cloud, Public Cloud

17 Changing Landscape of Cyber-Security Copyright © 2011 CA

—Where previous models relied upon verticalization and perimeter security, new models rely upon enterprise ICAM services, virtualization and abstraction.

—New security model must be adaptive, contextual, identity-aware, and more modular than the traditional information security model

— Identity, Credential, and Access Management (ICAM) becomes the foundation of the new security model

ICAM - Identity, Credential, and Access Management Foundation of the new Security Model

18 Changing Landscape of Cyber-Security Copyright © 2011 CA

Tools and Technology for Identity and Access Management

Changing Landscape of Cyber-Security Copyright © 2011 CA

Role Mgt

ID Governance

Role Management

Provisioning

ID Admin

Identity Management

Web Access Mgt SSO & Multi-Factor

Auth

Federation

Web Access Management

SOA

Entitlements (Access)

Provision (Identities, Access)

Privileged User Mgmt

Host Access Mgmt

Privileged User Mgmt Enterprise

e-Mail Control

Data Mgt

Auditing & Reporting

User Activity & Compliance Reporting

Log Management, Auditing, & Reporting 19

Changing Landscape of Cyber-Security Copyright © 2011 CA

Success is being ready for the future … of ICAM

20