dxc security integrated security operations...move beyond real -time threat monitoring regulatory...

© 2018 DXC Technology Company May 22, 2018 DXC Security Integrated Security Operations Enabling Enterprise Security Response Matthew O’Brien Global Offering Director Security Detection and Investigation Services


Post on 31-Jul-2020


Page 1: DXC Security Integrated Security Operations...move beyond real -time threat monitoring Regulatory pressures ... Intelligence Driven, automated security incident and vulnerability management

© 2018 DXC Technology Company May 22, 2018

DXC Security
Integrated Security Operations
Enabling Enterprise Security Response

Matthew O’Brien
Global Offering Director, Security Detection and Investigation Services

Page 2

Security teams are under pressure

IT departments feel the squeeze but… budgets are under pressure and security is now a board-level issue

The innovative adversary is increasingly sophisticated and, on average, goes undetected for 99 days [1]

Security operations need maturity, speed & scale to move beyond real-time threat monitoring

Regulatory pressures grow for industry and geography compliance requirements such as GDPR

Widening skills gap makes it hard to attract, train, and retain security professionals, yet the demand for security talent is expected to increase by 53% in 2017 [2]

Next generation threats such as ransomware or file-less, memory-based malware make it difficult to stay secure

Device, cloud explosion is causing significant increases in the enterprise threat surface

People are weakest link and require awareness and training to protect against the 80% of attacks that target user access [3]

Sources: 1: Mandiant M-Trends 2017 Report; 2: US Bureau of Labor Statistics; 3: CyberArk Security Report 2015

Page 3

Cyber Defense is more than just technology

Diagram labels: Incident/Vulnerability Response; Security Monitoring; Security Management; Breach Preparedness; Incident Response; Crisis Management; L3 Analyst; CERT; Adversarial Hunting; Threat Intelligence; L1, L2 Analyst; Data Storage; Rules, Use Case; SIEM; Infrastructure; Governance; Vulnerability Response

“I want to retain capability in-house”
“I can't staff this 24x7 globally just in case…”
“I want to delineate security incident response by severity”
“How do I recruit and retain the best of the best?”
“My team’s function is guidance on risk tolerance and policy definition”

“I want to focus my limited resources for L3”
“I want to retain and build skills that are integrated into my business”
“I need to investigate potential threats to my business.”
“I want best in class APT detection but can't use every tool out there”
“Where is the intelligence that is actionable for me or my industry?”

“I have a chosen SIEM technology, give me help to operationally manage”
“I need custom rules which need constant tuning”
“I am happy with pre-defined use cases”
“I don’t care who hosts my SIEM”
“I want to retain control over my data”
“My other security technology is managed by IT”

Page 4

Enterprise Security Operations Differentiators

Visibility Without Boundaries

Massive scale log ingestion supporting both short term alerting and long term investigation

Seamless Real-time and Advanced Analytics powered monitoring and alerting built for security scale

Comprehensive Detection

Guided, analytics powered prioritization, investigation, entity profiling and workflow with automated orchestration and response

– Intuitive Investigation & Intelligence w/automated response

Page 5

DXC’s Intelligent Security Operations
Intelligence Driven, automated security incident and vulnerability management

Incident and Vulnerability Management Platform
Integrated Security Operations and Incident Response

PEOPLE, PROCESS, TECHNOLOGY, SERVICES

Page 6

What is ISecOps?

ISecOps is a fully integrated platform for delivering enterprise security response services, providing enhanced vulnerability management, operational interlock, improved visibility and reduced time to manage and respond to security threats.

ISecOps as a Service
Workflow Automation & Orchestration
Threat Intelligence
Security Incident Management
Vulnerability Management
IT Integration
Efficient Security Response
Streamline Remediation
Visualize Your Security Posture
Managed Security Services
Enterprise Security Service Management as a Service
Visibility Without Boundaries

Page 7

Integrated Enterprise & Security Systems

Enterprise Assets
Security Systems
IT Systems
Visibility Without Boundaries
Integrated Change

Page 8

The Core Problem: Security Responders Are Overwhelmed

Alert sources: SIEM, APT, EPS, VUL

Security Alert, Security Analyst

What info do I need?
What systems have the info that I need?
What lookups do I need to run to derive 2nd level enrichment?
Have I seen this type of threat before?
Is it a threat attempting to go undetected?

Security Runbook knowledge
Multiple disparate solutions
Manual scripting and operational tasks
No historical threat intel tied to incidents or CIs
No context across asset, service type or user group

Slower Security Response

Comprehensive Detection

Page 9

Security Operations Overview

Diagram labels: Portal Service Desk; Monitoring; Vulnerability Scans; CMDB; HIGH VALUE CIs; LOW VALUE CIs; Security Incident Response (SIR); Vulnerability Management; Threat Intelligence; SIEM; Endpoint Protection; EDR; Firewalls; IDS/IPS; Threat Libraries; ISecOps Analysts; End Users

Comprehensive Detection

Page 10

Security Analytics & Automation

Intuitive Investigation & Intelligence w/automated response

Automation, Intelligence, Runbooks, Orchestration

Page 11

Security Analytics & Automation

Intuitive Investigation & Intelligence w/automated response

Enabling Enterprise Security Intelligence and Automation through DXC Bionix™, our digital-generation services delivery model based on intelligent automation at scale

Harnessing the full power of the ServiceNow platform

Page 12

How Integrated Security Operations Helps

✓ Integrate teams across the organization
✓ Reduce manual workloads and processes
✓ The ability to easily audit security processes
✓ Enterprise visibility of security posture
✓ Reduce time to manage incidents & vulnerabilities

Page 13

Value Outcomes

Before: Multiple tools. Multiple processes.
After: Integrated solution, clearly defined and automated workflow. Clear task assignment and responsibilities.
Outcome: Improved Incident & Vulnerability Management Workflow

Before: Manual processes. No automation.
After: Integrated tools, workflow automation and auto assignment. Faster response time to security threats.
Outcome: Increased Automation

Before: Disparate sources of data. No single view.
After: Centralized reporting across the enterprise. Visibility at the business unit and regional levels, aggregating to a global view.
Outcome: Improved Visibility

Before: Teams focused on multiple items with uncertain priorities. Time spent on menial tasks.
After: Teams focus on business outcome and priorities. Time is spent on more interesting security related activities.
Outcome: Increased Employee Satisfaction

Before: Disparate systems of information. Multiple controls and intelligence sources.
After: Integrated threat intelligence, vulnerability data, and security incident data in the one location.
Outcome: Improved Integration of information

Page 14

Want to know more?

Connect
Twitter: @DXCSecurity
http://www.dxc.technology/security

Contact
Matthew O’Brien, Global Offering Director, DXC Security
[email protected]
@MatthewOBrienAU

Set-up
Demo at booth
Executive meeting on-site
Follow up Discovery call

Visit
Booth #1100

Page 15

Thank you.

About DXC Technology

DXC Technology (DXC: NYSE) is the world’s leading independent, end-to-end IT services company, helping clients harness the power of innovation to thrive on change. Created by the merger of CSC and the Enterprise Services business of Hewlett Packard Enterprise, DXC Technology serves nearly 6,000 private and public sector clients across 70 countries. The company’s technology independence, global talent and extensive partner network combine to deliver powerful next-generation IT services and solutions. DXC Technology is recognized among the best corporate citizens globally. For more information, visit www.dxc.com.