ASSESS YOUR SECURITY

POSTURE TO ARM YOUR

DEFENCES

1

Carl Shallow

Head of Compliance & Pre-sales

www.secdata.com

LOOKING BACK…

• What were the risks when everything was centralised on mainframes?

2

Centralised data storage

Avoiding data loss

Overnight batch

processing

What was printed?

• Today, we have almost come full circle…

3

LOOKING FORWARD…

Centralised storage

Thin client access

Don’t allow data to move

• What are the concerns for companies today?

4

DEFINING THE PROBLEM

Data

• Where is it?• Who has

access to it? • How sensitive

is it? • How sensitive

will it be in a week, a month or a year?

• What rules do you have to follow to protect it?

Applications

• The dangers of downtime, ensuring availability

• Testing• Development• Protecting

sensitive application data

• Ensuring perfect performance

Physical

• Ensuring business continuity

• Robust disaster protection

• Data replication

• Physical site security

Connectivity

• Bring Your Own Device

• Secure remote access

• Cloud-based services and infrastructure

• Virtualisation• Unified

comms and collaboration

• Securing data has been a moving target for the last 20 years. Today, we’re facing:

5

STATE OF THE MARKET

Squeezed IT budgets

Changing technologyand threats

Most companies are locking the stable door after the horse has bolted!

Time constraints

• We’re seeing a proven track record that compliance gives results

• Thanks to PCI compliance, credit card fraud reached a 10 year low in 2012

6

WHERE ARE WE GOING?

Established security

frameworks

Increased compliance

requirements

Companies aligning to ISO 27001

7

WHAT CAN YOU DO?

Risk assessments

What are the acceptable risks and what are

the crucial areas to protect?

SensePost

Network

Applications

Employee training and education

Push monitoring data and

analytics to the cloud and

consume as an expert service

Assess on demand and model the potential problem

Websense, Bluecoat,

CheckPoint, SIEM, SkyBox

• Assess the unique vulnerabilities of your business• Identify the greatest risks and vulnerabilities to enable

you to implement preventative protection

Threat analysis

Security as a service

Security assessments

8

WHAT SHOULD YOU DO NEXT?

Perform a risk assessment

Prioritise the gaps

Deploy a SIEM

Implement scanning /

patch management

Then assess, assess, assess!

Assessment is the new incident response

THANK YOU

9

Carl ShallowHead of Compliance and Pre-salescarl.shallow@secdata.com+44 1622 723400