Upload File

iam trends - information assurance | isaca · p l i a n c e a s s u r a n c e a r e l t i o n s h i...

  • Home
  • Documents
  • IAM Trends - Information Assurance | ISACA · p l i a n c e A s s u r a n c e a R e l t i o n s h i p People Devices ... IAM Trends Author: Marcinik.Todd Created Date: 8/5/2016 8:27:11
14
1 © Copyright 2016 S3 Corporation. All rights reserved. IAM Trends The need for a Programmatic Approach to Identity, Security and eGRC July, 2016

Upload: doanxuyen

Post on 20-Jul-2018

212 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: IAM Trends - Information Assurance | ISACA · p l i a n c e A s s u r a n c e a R e l t i o n s h i p People Devices ... IAM Trends Author: Marcinik.Todd Created Date: 8/5/2016 8:27:11

1 © Copyright 2016 S3 Corporation. All rights reserved.

IAM Trends The need for a Programmatic Approach to Identity, Security and eGRC

July, 2016

Page 2: IAM Trends - Information Assurance | ISACA · p l i a n c e A s s u r a n c e a R e l t i o n s h i p People Devices ... IAM Trends Author: Marcinik.Todd Created Date: 8/5/2016 8:27:11

2 © Copyright 2016 S3 Corporation. All rights reserved.

Overview

• IAM Statistics: Current Environment

• The Cyber Approach

• Cyber Kill Chain®

• Use Cases

• IAM Constituents, Associations, Capabilities, and Control Framework

• Threat Response Maturity Evolution

Page 3: IAM Trends - Information Assurance | ISACA · p l i a n c e A s s u r a n c e a R e l t i o n s h i p People Devices ... IAM Trends Author: Marcinik.Todd Created Date: 8/5/2016 8:27:11

3 © Copyright 2016 S3 Corporation. All rights reserved.

Identity Related Statistics

$7.7M

Average cost of a data breach

Cost to an organization per individual

compromised record (over 800m records exposed in 2015)

$230

72%

256 days

Percentage of incidents perpetrated

by internal resources

Average number of days until a breach is

detected

90%

% of IT professionals that

believe there is a skills

shortage in our industry

Ponemon Institute Cybercrime studies 2015 and 2016

Page 4: IAM Trends - Information Assurance | ISACA · p l i a n c e A s s u r a n c e a R e l t i o n s h i p People Devices ... IAM Trends Author: Marcinik.Todd Created Date: 8/5/2016 8:27:11

4 © Copyright 2016 S3 Corporation. All rights reserved.

Prevention,

Detection, and

Mitigation

Breach

Prevention

Past

An Ounce of Prevention…

Future

Page 5: IAM Trends - Information Assurance | ISACA · p l i a n c e A s s u r a n c e a R e l t i o n s h i p People Devices ... IAM Trends Author: Marcinik.Todd Created Date: 8/5/2016 8:27:11

5 © Copyright 2016 S3 Corporation. All rights reserved.

Cyber Kill Chain®

Weaponization

Based on Lockheed Martin’s Cyber Kill Chain

Reconnaissance Delivery

Exploitation Command & Control

Installation Action on Objectives

Hours to Months Seconds Months

Page 6: IAM Trends - Information Assurance | ISACA · p l i a n c e A s s u r a n c e a R e l t i o n s h i p People Devices ... IAM Trends Author: Marcinik.Todd Created Date: 8/5/2016 8:27:11

6 © Copyright 2016 S3 Corporation. All rights reserved.

Sample Use Cases

• Social engineering/education of IAM constituents

• Enriched monitoring data

• Creation of a local accounts (uncorrelated identity)

• Recertification processes (file-share and application access)

• Data extraction volume

Page 7: IAM Trends - Information Assurance | ISACA · p l i a n c e A s s u r a n c e a R e l t i o n s h i p People Devices ... IAM Trends Author: Marcinik.Todd Created Date: 8/5/2016 8:27:11

7 © Copyright 2016 S3 Corporation. All rights reserved.

IAM Constituents and Associations

A comprehensive program approach:

• Consider the objectives and use cases for

key constituents

• Focus on how they associate

• What does a successful outcome look like?

Key constituents have a symbiotic

relationship:

• Technology

• The delivery of information Busi

ness

Nee

ds &

Req

s/

Secure

Session

Routing

Use

r

Tech

nology

Enab

lem

ent

Inte

raction

Pro

cess

Transm

ission

Risk &

Com

pliance

Assurance

Relationship People

Devices

Apps

Data

Page 8: IAM Trends - Information Assurance | ISACA · p l i a n c e A s s u r a n c e a R e l t i o n s h i p People Devices ... IAM Trends Author: Marcinik.Todd Created Date: 8/5/2016 8:27:11

8 © Copyright 2016 S3 Corporation. All rights reserved.

IAM Critical Capabilities

Functionality:

IAM policies, practices and tools must fulfill

critical capabilities. Inputs include:

• Forecasted business needs and goals

• Technology environment

• Regulations and legal requirements

• Industry practices and guidelines, and

• Significant threats and risks

Fitness for Use:

IAM must be user-friendly, risk-based,

adaptable, cost-effective, and manageable. Gov

ern

Acces

s

(De)

prov

ision

Man

age

Roles

Assig

n

Entitlem

ents

Manage A

ccess

Grant P

rivileges

Establish S

ession

Secure Com

m.

Key

s & C

erts

Cre

dent

ials

Iden

tify

Aut

hent

icat

e

Interaction Relat

ions

hip

Tran

smission

Process

Estab

lish

Affilia

tion

Exe

cute

Com

man

d Control E

ntry

Track Activity

Monitor R

isks

Com

pliance

Rem

ediation

Validate

Trust People

Devices

Apps

Data

Page 9: IAM Trends - Information Assurance | ISACA · p l i a n c e A s s u r a n c e a R e l t i o n s h i p People Devices ... IAM Trends Author: Marcinik.Todd Created Date: 8/5/2016 8:27:11

9 © Copyright 2016 S3 Corporation. All rights reserved.

IAM Technical Control Framework

The IAM technology design should

encompass best-of-breed tools that:

• Integrate into the planned IT

infrastructure

• Provide necessary functionality, and

• Overcome IAM limitations, while reusing

value added components where

Iden

tity

Gov

erna

nce

&

Adm

inistra

tion

Digita

l Right

s M

gmt

Acc

ess &

Pas

swor

d Por

tal

eGRC S

olution

Log Managem

ent

Security

Information E

vent

Managem

ent

VPN C

lient

NAC/ W

AM

Enterprise

Encryption

Netw

ork

Segm

entation/

Tenant Partition

Key &

Cer

tificat

e

Mgm

t

Toke

n

Adm

inistra

tion

SSO S

olut

ion

Risk-

base

Authe

nticat

ion

Dire

ctor

y Ser

vice

s

Interaction Relat

ions

hip

Tran

smission

Process

En

dp

oin

t C

on

trols

Da

ta C

on

trols

Network Controls

People

Devices

Apps

Data

End User Controls

Page 10: IAM Trends - Information Assurance | ISACA · p l i a n c e A s s u r a n c e a R e l t i o n s h i p People Devices ... IAM Trends Author: Marcinik.Todd Created Date: 8/5/2016 8:27:11

10 © Copyright 2016 S3 Corporation. All rights reserved.

Strategic Enterprise Maturity Evolution

Enterprise Risk maturity should evolve from firefighting to predictive analytics.

Success at the intersection of process evolution and technical enablement.

Page 11: IAM Trends - Information Assurance | ISACA · p l i a n c e A s s u r a n c e a R e l t i o n s h i p People Devices ... IAM Trends Author: Marcinik.Todd Created Date: 8/5/2016 8:27:11

11 © Copyright 2016 S3 Corporation. All rights reserved.

Final Message

• IAM is the baseline component to your data protection and risk mitigation program

• Approach IAM initiatives as a strategic, organization-wide program with IT

enablement (project vs. program approach)

• A programmatic approach results in creating an integrated, sustainable lifecycle of

responsiveness, monitoring, and risk mitigation

Page 12: IAM Trends - Information Assurance | ISACA · p l i a n c e A s s u r a n c e a R e l t i o n s h i p People Devices ... IAM Trends Author: Marcinik.Todd Created Date: 8/5/2016 8:27:11

12 © Copyright 2016 S3 Corporation. All rights reserved.

Contact Us

Johanna Thomas [email protected]

Paul Kohler [email protected]

Page 13: IAM Trends - Information Assurance | ISACA · p l i a n c e A s s u r a n c e a R e l t i o n s h i p People Devices ... IAM Trends Author: Marcinik.Todd Created Date: 8/5/2016 8:27:11

13 © Copyright 2016 S3 Corporation. All rights reserved.

THANK YOU

Page 14: IAM Trends - Information Assurance | ISACA · p l i a n c e A s s u r a n c e a R e l t i o n s h i p People Devices ... IAM Trends Author: Marcinik.Todd Created Date: 8/5/2016 8:27:11

14 © Copyright 2016 S3 Corporation. All rights reserved.


IAM Cahier7

IAM Full Control Document v01 - IAM RoadSmart

VILLA ET HORTVS - WordPress.com...I lia ros s pulchr s in hort videt et ab Aemili disc dit. Iam ea cum Aemili n n est. Aemilia eam n n 50 videt. Puella in hort est. Aemilia imperat:

Asset Management – the IAM · 2017. 11. 14. · IAM Qualifications – targets IAM Certificate: aimed at those new to Asset Management IAM Diploma: designed to help existing Asset

TD and HBUG Meetings - NCEdCloud IAM Service · The Identity and Access Management (IAM) Service Questions? Links: IAM Information Site - ncedcloud.mcnc.org NCEdCloud IAM Service

The ROI of IAM - docs.bankinfosecurity.comdocs.bankinfosecurity.com/files/handbooks/IAM/IAM-eHandbook.pdf · IAM, of course, is a huge issue for financial institutions – not just

Life Sciences - Kirkland & Ellis Life... · 2017-09-19 · 32 IAM Life Sciences 2017 www. IAM-mediacom IAM Life Sciences 2017 and widely used (Myriad, 133 S Ct at 2118-19).In other

Deploying unified security in a hybrid cloud world · Application security Cloud workload management C o n t i n u o u s co m pli a n c e Identity and Access Management (IAM) Hybrid

The IAM District 190 S Sparkplug parkplu

85 +0.011 -0,009 167 91 24 MOUNTING FACE 62 8 N85x3x27-9H DIN 5480 MOUNTING FACE 48 >105. Pag. 152 IAM" href="https://vdocument.in/italgroup-s-rl-iam-series-iam-h6-general-catalogue-34-16-unf-2b-85.html">ITALGROUP S RL IAM SERIES - IAM H6 GENERAL CATALOGUE … · 3/4"-16 UNF 2B >85 +0.011 -0,009 167 91 24 MOUNTING FACE 62 8 N85x3x27-9H DIN 5480 MOUNTING FACE 48 >105. Pag. 152 IAM

Tipping Points in a Dynamic Stochastic IAM › ... › SURED-12_058_Lontzek_Cai_Judd.pdf · 2015-06-15 · Tipping Points in a Dynamic Stochastic IAM Thomas S. Lontzek University

ITALGROUP S RL IAM SERIES - IAM H2 GENERAL CATALOGUE … · 36 UNI 221 UNI 8953 - 8x36x42 DIN ISO 14 - 8x36x42 >42 ±0,01 MOUNTING FACE 36 36 UNI 220 >55 8 48. Pag. 52 IAM rev.03

Cardiologia iam

Samsung SDS IAM & EMM SDS IAM & EM… · IAM & EMM application to authenticate with Samsung SDS IAM & EMM Mobile Authenticator—see “Using the Samsung SDS IAM & EMM application

Intermot Hydraulic Motors IAM•HD Series H7 Models - IAM•HD... · IAM•HD H7 Technical data MODEL N° of pistons Displacement Specific Torque Pressure Speed Max Power Dry Mass

Iam Brochure

ADFS + IAM

IAM Certificate And IAM Diploma Syllabi Modules and Contents · This document deals with the detailed content of the IAM Certificate and IAM Diploma examinations, describing each

iam and harvard policiesiam.harvard.edu/files/iam/files/iam-security-privacy-policies.pdf · IAM$Security$&Privacy$Policies Scott%Bradner November%24,%2015 December%2,%2015 Tuesday

S 0500-N S 1000-N S 1500-N S 2000-N S 2500-N S 3000-N S ... · s 3500-n s 4000-n s 4500-n s 5000-n s 5500-n s 5500-n s 6000-n s 6500-n s 7000-n s 7500-n s 8000-n s 8500-n s 9000-n

SP Voice - Cisco · SP Voice Technology ... IAM PC/CIC Y Ringing IAM IAM ACM ACM ANM ANM Off-Hook DTMF Ringing Off Hook ... Call Forking Flow Invite I n v i t e Alice Office

IAM Certificate And IAM Diploma Syllabi Modules and Contents · SUMMARY This document deals with the detailed content of the IAM Certificate and IAM Diploma examinations, describing

Therefore IAM

Brian Limperopulos Programs Manager IAM. IAM Programs IAM Governing Members’ Meeting How IAM serves its Governing Membership: Receivable Protection Program

The History IAM - New IAM Pageiamaw898.org/History of Local Lodge 898_final.pdfHistory of IAM S mokeaters L odge 898 . Introduction The history of Smoke-Eaters Lodge 898 is a story

INTERMOT - aADVANCED - MOTORS IAM SERIES H6 MODEL · pag. 88 IAM rev. 00 TECHNICAL DATA H6 MODEL IAM 2200 H6 IAM 2500 H6 IAM 2800 H6 IAM 3000 H6 IAM 3200 H6 IAM 3500 H6 Displacement

Latin Review: N-O Nomine By name, called Non iam No longer

ANGOR - IAM

IAM 530 ELEMENTS OF PROBABILITY AND …osezgin/IAM 530-LECTURE4.pdfBINOMIAL THEOREM •For any real numbers x and y and integer n>0 i n i n i nx y i n 0 ( ) •If X~Bin(n,p), then

A Practitioner´s Recommendations for successful IAM Programs

Iam designer

Transportation Communications Union/IAM...Transportation Communications Union/IAM International Association of Machinists and Aerospace Workers s, Anthony M. Siriano National Representative

Infarto IAM

Institute for Applied Materials IAM-AWP & Program …...Institute for Applied Materials IAM-AWP & Program NUKLEAR International Symposium on Zirconium n e Nuclear Industry, . ‐07.02.2013,

Iam Majek_visualresumestoryboard