1 © Copyright 2014 EMC Corporation. All rights reserved.
Meeting the Grand Challenges of Hybrid Cloud Dr. Robert W. Griffin Chief Security Architect
RSA, the Security Division of EMC
blogs.rsa.com/author/griffin
blog.emc2.de/executive-world/
project-sparks.eu/blog/
@RobtWesGriffin
linkedin.com/pub/robert-griffin/0/4a1/608
2 © Copyright 2014 EMC Corporation. All rights reserved.
Disruption and Transformation
Infrastructure Transformation
Mobile Cloud
Less control over access device and back-end
infrastructure
Threat Landscape Transformation
APTs
Sophisticated Fraud
Fundamentally different tactics, more formidable than ever
Business and Legal Transformation
More hyper-extended, more digital
Extended Workforce Networked
Value Chains
Big Data
http://www.emc.com/collateral/industry-overview/h11391-rpt-information-security-shake-up.pdf?pid=sbiclandingpage-sbicspecialreport-122112
3 © Copyright 2014 EMC Corporation. All rights reserved.
Responding to the IoT Opportunity SPARKS Project (Smart Grid Protection Against Cyber Attacks)
A greater degree of monitoring and
automatic control at electricity network
edge
Increased use of
ICT systems, e.g.,
to support
prosumer
communities and
advanced energy
services
Greater use of
COTS systems to
implement parts of a more
open grid
Privacy concerns
emerging from
smart meters & increased
risks associated with
tampering
Incidents the US
ICS-CERT
responded to from
Oct 2012-May
2013, Source: ICS-
CERT
SCADA-related Incidents
5 © Copyright 2014 EMC Corporation. All rights reserved.
Example#1: T-Systems (UK) Achieving Risk Discipline
http://www.emc.com/collateral/customer-profiles/h11661-rsa-archer-cp.pdf
• Requirements: • Create a consolidated enterprise-wide view of
operational and functional risks for senior management
• Address all classes of risk • Engage business users in risk governance
• Solution: • Used ISO 31000 as framework • Defined risk ownership • Established enterprise-wide risk community • Deployed single software solution across
enterprise
6 © Copyright 2014 EMC Corporation. All rights reserved.
Operational & Enterprise Risk
IT Security Risk
IT Business
Risk Discipline Across the Organization
Board Business
Operations Managers
CIO & CISO
Common Foundation
Maturity
Silos Managed Advantaged
LOB Executives
Business Resiliency
Regulatory & Corporate Compliance
Third Party & Vendor Risk
Audit
7 © Copyright 2014 EMC Corporation. All rights reserved.
SPECS Project : Secure Provisioning of Cloud
Services based on SLA Management
Request SecSLA Capabilities
Final Agreed SecSLA capabilities
Search,Evaluate,Rank
Negotiate & Sign SecSLA Offering
Federation CSC
8 © Copyright 2014 EMC Corporation. All rights reserved.
Example#2: Deutsche Bank (Germany) Identity Governance
• Deutsche Bank Global SoD Program – European Identity Award (May 2013)
• Requirements: – Continuously monitor Segregation of Duties across
the enterprise – Integrate with existing access management – Increase regulatory awareness
• Solution: – Implemented SoD rules to detect conflicts – Supported complex elements in rules – Designated SoD managers – Supported cloud environments
https://www.aveksa.com/news_item/aveksa-customer-wins-prestigious-iam-award-from-leading-it-research-analyst-firm/
9 © Copyright 2014 EMC Corporation. All rights reserved.
Trusted interactions between identities and information
Identity Governance
Applications/Data/Resources
Identity Lifecycle
Compliance
Access Platform Governance Platform
Federation/SSO
Authentication
Employees/Partners/Customers
Provisioning
Identity Intelligence
10 © Copyright 2014 EMC Corporation. All rights reserved.
IT Security
Identify Governance
Line of Business
Ensure Compliance and Manage Risk
Audit, Risk & Compliance
Enterprise, Mobile & Cloud Applications and Data
Enable the Business: Ownership & Accountability
Managing Identity Across the Cloud
Visibility and Control across Hyper-Extended Enterprise
Business Processes
11 © Copyright 2014 EMC Corporation. All rights reserved.
Example #3: Communication Valley Reply (Italy) Leveraging Security Analytics
• Requirements: • Efficient, cost-effective management and
reporting of security • Reduce cost of services delivery • Improved MSSP service as competitive
advantage • Solution:
• Automatically tracked and reported on client risk and compliance
• Enhanced incident triage • Improved event analysis
http://www.emc.com/collateral/customer-profiles/h11982-reply-cp.pdf
12 © Copyright 2014 EMC Corporation. All rights reserved.
Capture, analyze and act on data from across the enterprise.
Threat Intelligence | Rules | Parsers | Feeds | Reports | Research INTELLIGENCE
Investigation
Advanced Analytics
Compliance
Endpoint Analysis
Session Reconstruction
Incident Management
ACTION ANALYSIS
LIVE
VISIBILITY
Capture Time Meta-Data Enrichment
LIVE
Security Analytics
LOGS
PACKETS
ENDPOINT
NETFLOW
ENRICH
13 © Copyright 2014 EMC Corporation. All rights reserved.
Incident Management & Reporting
Visibility
Security Architecture
Team
Device Administration
Data Warehouse &
Ticketing System
IT Team
Intelligence-Driven Security
Automation,
Rules, Alerts & Reports
Threat Triage
Analytic Intelligence Content Intelligence
Expertise
Level 1 Triage
Level 2 Triage
Level 3 Triage
Threat Intelligence
Controls
A/V IDS/IPS
Firewall/VPN Proxy
Packets Host File
DLP
SIEM Log Alerts
DLP Alerts
Signature less Alerts
Governance
Business Context
Risk Context
Threat Context
Line of Business Owner Policy
Assessments Criticality
Vulnerability
Subscriptions Community
Open Source
14 © Copyright 2014 EMC Corporation. All rights reserved.
Planning Your Journey
Compliance Opportunity Risk
Siloed compliance focus,
disconnected risk, basic reporting
Managed automated compliance, expanded risk focus,
improved analysis/metrics
Advantaged fully risk aware, exploit
opportunity
Reduce compliance cost
Gain resource & risk visibility
Manage known & unknown risks
Identify new business opportunities