it security strategy
TRANSCRIPT
![Page 1: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/1.jpg)
IT Security Strategy: Protecting Your Key Corporate Assets
Tech Data
![Page 2: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/2.jpg)
Non-Disclosure• This discussion is under our
mutual nondisclosure agreement.
![Page 3: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/3.jpg)
Purpose of Our Discussion• Decide if we should expand our relationship• Identify your questions and concerns about your IT
security• Identify whether your issues are within our expertise • Report our findings about security issues• Establish next-step recommendations based on your
situation• Create an action plan for your consideration.
![Page 4: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/4.jpg)
Introductions• Your team
• Role, responsibility, experience• What would make this a valuable meeting for you?
• Our team• Role, responsibility, experience
![Page 5: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/5.jpg)
Why Security?• IT is the engine of your
business: When it’s compromised, you’re at risk
• Your assets have value that bad guys want.
![Page 6: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/6.jpg)
Why Our Customers Choose Us• Local, responsive and concerned means we’ll be there
when called• Experienced in delivering and securing IT in all varieties:
traditional, cloud, blended systems, mobile• Deep network of resources to solve unique situations• We work until the the problem is resolved• We take a holistic view and focus on growing our
customer’s business by judicious application of IT.
![Page 7: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/7.jpg)
What Gets Secured…?
• What do you want to protect? • How much do you want
to protect it?
• What’s vulnerable?• Human failure• Equipment failure• Malicious attack.
![Page 8: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/8.jpg)
What Gets Secured…?• What’s valuable?
• What can and can’t you live without?
• What are you legally required to protect? • Defend this first or you could
go to jail
• What do you need to operate your business?• Defend that next or you could
go out of business.
![Page 9: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/9.jpg)
What Gets Secured?• What is impossible to replace
and what can be covered by insurance?
• What’s a trade secret and what’s common knowledge?
![Page 10: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/10.jpg)
Your Key Assets: • People – employees, customers, key vendors and
stakeholders• Property – physical, electronic and intellectual• Processes – the procedures used to successfully conduct
business• Proprietary data – trade secrets, confidential information
and personal data.
![Page 11: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/11.jpg)
The Outcome of Security• Availability of corporate assets• Integrity of those assets• Confidentiality of assets that are private• Accountability, making those who access the data
responsible for their behavior.
![Page 12: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/12.jpg)
The Value of Security…• Increases staff efficiencies
from not having to individually deal with security issues like spam, viruses and rogue email
• Increases in systems efficiency created by the security system because of upgraded technology
• Eliminates cost of security breaches from unpatched software.
![Page 13: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/13.jpg)
Security is a Real Challenge• New IT threats every second• High-profile attacks• New attack points
• Mobile devices• Data leakage• Social engineering.
![Page 14: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/14.jpg)
Seven Security Layers1. Access control
2. Deter intrusion
3. Detect intrusion
4. Determine attack nature
5. Delay further access
6. Defend
7. Recover.
![Page 15: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/15.jpg)
The Value of Security• Reduces legal exposure from
unsecured premises and computer systems
• Increases sales based on improved security and stability
• Reduces business interruptions caused by security breaches.
![Page 16: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/16.jpg)
Your Security Concerns• What do you need to secure?• What would it be worth to
secure that?• What would it cost if it wasn’t
secured?• What is your security policy?
![Page 17: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/17.jpg)
What Would You Like to Have Happen?• What would it be like if
everything worked correctly?• How will you know who to
choose?
![Page 18: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/18.jpg)
Our Recommendations• Assessment• Security policy• Remediation plan• Policy audit and implementation• Bring compliance up-to-date• Adjust implementation of
policies.
![Page 19: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/19.jpg)
Assessment• Review your situation using the
seven layer security model• Identify any issues• Recommend any specific
actions with cost/risk analysis• If we find nothing, you’re just
being cautious.
![Page 20: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/20.jpg)
Security Policy• Review your security policy• Look for completeness • Look for areas that have
changed• Mobile• New compliance mandates.
![Page 21: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/21.jpg)
Remediation Plan• If required
![Page 22: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/22.jpg)
Policy Audit and Implementation• Audit for compliance• Education where needed• Help your team with
enforcement strategies.
![Page 23: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/23.jpg)
Proposed Next Steps• Agree to an assessment• Our security team will perform
this• Meet for a review of findings• Decide the next step, if any.
![Page 24: IT Security Strategy](https://reader030.vdocuments.us/reader030/viewer/2022020314/58eff8471a28abb67a8b45c3/html5/thumbnails/24.jpg)
Schedule the Next Meetings• Assessment
• Who and when
• Report of findings• Executive team• Two weeks later.