enfo siem säkerhetsdagen_2013

Enfo Sweden AB SIEM “Data security with business benefits” Pekka Hagström

Upload: pah24

Post on 17-Aug-2015


“Sony Makes it Official: PlayStation Network Hacked”

“Sony PlayStation network hacked again ...”

“New York Times hacked”

“New York Times hacked for Four Months Straight”

“Wall Street Journal says it has also been hacked”

“Google kills Iranian blog with 3 million hacked bank accounts”

“The Swedish Armed Forces, TT, SJ, Swedbank and SEB hit by ‘denial of service’”

“The intern read an ex-boyfriend's medical record”

Datainspektionen - All county councils are breaking the law!

40,000 employees in the (Stockholm) county council have access to your medical records

SIEM as a solution

Security information management:

“Analysis and reporting for compliance and forensic”

Security event management:

“Immediate reaction to threats detected by real-time tracking”

SIEM based business intelligence:

“Support business decision-making with usage information”

Examples of regulation

Then, HIPAA compliance in reality?

“Previously, confidentiality applied around each administration within healthcare. Now confidentiality instead applies across the whole county council. The duty of confidentiality towards the public is still just as strict, but internally it has been opened up. With that openness come consequences for the patient's privacy. If, for example, a patient has confided sexual abuse to a doctor, other county council employees can now access the notes.”

Threat management

DETECT REACT

More professional threats …

Source: IBM “Executive guide to security intelligence” January 2013

Top 5 security threats for 2013*

1. Cyber (in)security

2. Supply chain security

3. Big data

4. Data security in the cloud

5. Consumerization – securing consumer devices

* Source: The Information Security Forum

Is the ‘detection’ out-sourced??

Source: Verizon Risk Team, “2012 Data breach investigations report”

Advanced tools are available!

Business benefits?

Case: Optimize IT infrastructure

[Figure: Application server utilization graph. Series: Peak load, Average load. Labels: Berlin, London, Copenhagen, Stockholm, Helsinki. Annotations: “Monitor / Upgrade?”, “Consolidate servers?”]

How to proceed?

Enfo SIEM service layers

SIEM consultancy services

• Audit reports, GAP-analysis, ICT security strategy

• SIEM requirements, specifications and configurations

SIEM monitoring & analysis services

• Ongoing security and compliance monitoring

• Ongoing SIEM business intelligence services

SIEM Hosting services

• Platform-services for SIEM software & databases

• Fault tolerance- and back-up services

Project based

Service based

Further information & contact

• Pekka Hagström, Senior Consultant

Telephone: +46 70-971 93 63

E-mail: pekka.hagströ[email protected]

• Claes Dagnell, Business Area manager

Telephone: +46 70-6021689

E-mail: [email protected]

• Peter Selemark, Sales manager

Telephone: +46 73-365 77 98

E-mail: [email protected]

• Peter Lörincz, CEO

Telephone: +46 736-840866

E-mail: [email protected]