pwc point of view on cybersecurity management
TRANSCRIPT
PwC Point of View on Cybersecurity Management
Prakash Venkata - PrincipalGautam Sehgal - Director
Security
PwCCybersecurity and Privacy
SCT35S
#CAWorld
2 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
© 2015 CA. All rights reserved. All trademarks referenced herein belong to their respective companies.
The content provided in this CA World 2015 presentation is intended for informational purposes only and does not form any type
of warranty. The information provided by a CA partner and/or CA customer has not been reviewed for accuracy by CA.
For Informational Purposes Only
Terms of this Presentation
3 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
Abstract
During this session, participants will learn about PwC’s Cybersecurity Management framework that assists enterprises in identifying crown jewels, threats & risks in the environment, architectural gaps, and assists in building cyber resilience program.
PrakashVenkataPwC
Principal
Gautam SehgalPwC
Director
4 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
Agenda
THE CHANGING NATURE OF THREATS
REGULATORY AND COMPLIANCE FORCES ON THE INDUSTRY
PWC’S CYBERSECURITY FRAMEWORK
PWC’S APPROACH TO SOLVING CLIENTS’ CYBERSECURITY CHALLENGES
HOW SOME OF CA SECURITY SOLUTIONS COMPLEMENT PWC’S APPROACH
1
2
3
4
5
5 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
The Changing Nature of ThreatsToday’s Cybersecurity Challenges
To
da
ys
Pe
rv
as
ive
Ch
all
en
ge
s
Source: PwC Global State of Information Security Survey 2016PwC 2015 US CEO Survey
6 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD Source: PwC Global State of Information Security Survey 2016
The Changing Nature of ThreatsHow Business is Solving the Problem
Ho
w B
us
ine
ss
is
So
lvin
g t
he
Pr
ob
lem
In 2015, organization’s across the globe increased
Cybersecurity spending by and average of 24%
7 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
Regulatory and Compliance Forces on the IndustryData Security Across the Globe
Heavy
Robust
Moderate
Limited
Data Security Regulation and
Enforcement
20
28
2
0
2*
0
1
10
3
Data security and privacy challenges have forced cybersecurity and legal experts to better strategize how data is stored, secured, and used throughout the world. With nations maintaining disjointed security laws, it becomes difficult to ensure security and privacy compliance in every jurisdiction. The United States alone has roughly 20 sector specific or medium-specific national privacy or data security laws.
Federally Enforced Security Laws
Source: US Data Protection and Privacy Group 2014
*Does Not Include Individual EU Member Regulations
Breach Notification
Authority
Collection & Processing
Transfer
Enforcement
Electronic Marketing
Online Privacy
Data Security Regulation Coverage
Security
0
[1]
[1]
8 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
PwC’s Cybersecurity Framework
PwC’s Strategic Threat Analysis identifies high-level threat actors, the likelihood of exploitation for identified vectors, and the development of a threat model and associated threat matrix to identify potential attack combinations.
Strategic Threat Analysis IT Security Architecture Cyber Resiliency Analysis
PwC’s IT Security Architecture offering assesses the technologies and relationships between technologies to identify whether services are fully executed, partially executed, missing, or not used.
PwC’s Cyber Resiliency Analysis identifies organizational, process, and technology controls used to protect, detect, and respond to potential threats to the environment.
Strategy, Governance & Management
Emerging Technologies & Market Trends
Risk & Compliance
Management
Information & Privacy
Protection
Identity & Access
Management
Threat, Intelligence & Vulnerability Management
Security Architecture &
ServicesSecurity Domains
9 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
PwC’s Approach to Solving Client’s Cybersecurity Challenges
Align with the business
Adapt to the future
Manage risk and regulations
Anticipate and respond to security crises
Address threats and weaknesses
Enable secure access
Safeguard critical assets
Secure by design
Strategy, Governance & Management
Emerging Technologies & Market Trends
Risk & Compliance
Management
Incident & Crisis
Management
Information & Privacy
Protection
Identity & Access
Management
Threat, Intelligence & Vulnerability Management
Security Architecture &
Services
10 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
How some of CA Security solutions Complement PwC’s approach
Identity & Access
Management
Emerging Trends &
Innovation
Strategy, Governance & Management
CA Data Protection
CA Network Flow AnalysisAPI Management & Security
CA Cloud Service Management
Identity Management & GovernanceCA Privileged Identity Management CA Advanced AuthenticationCA Single Sign-On (PKA CA SiteMinder)
Mobile SecurityPayment Security
Security Domains CA Solutions
CA Project & Portfolio Management
Threat, Intelligence & Vulnerability Management
Information & Privacy Protection
Security Architecture &
Services
11 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
Q & A
12 © 2015 CA. ALL RIGHTS RESERVED.@CAWORLD #CAWORLD
For More Information
To learn more, please visit:
http://cainc.to/Nv2VOe
CA World ’15