RSA Archer CDM Briefing
Dan Carayiannis
RSA Archer Public Sector Director
RSA PORTFOLIO / RSA CYBER ANALYTICS PLATFORM (infographic; figures recovered from the slide)
• 30,000+ customers
• 50+ million identities
• 1 billion consumers
• Industries shown: consumer product, financial institutions, healthcare institutions, transportation, manufacturing
• 97% and 94% (two percentage callouts)
• 19 of the TOP 20
• 20 of the TOP 20
• 18 of the TOP 20 Telecom
• 16 of the TOP 20 Energy
• 10 of the TOP 10 Technology
• All branches of US Military
• 13 of the 15 Executive Departments of U.S. Government / DHS CDM Program
RSA Archer customers
1,500+ GRC deployments
9 of the Fortune 10
38 of the Fortune 50
69 of the Fortune 100
10 out of 10 biggest U.S. banks*
Customers in every market:
-Healthcare
-Insurance
-Energy
-Transportation
-Technology
-Retail
-Government
Global operations
RSA Archer analyst recognition. A Leader in:
• Gartner Magic Quadrant for Operational Risk Management Solutions (13 December 2016)
• Gartner Magic Quadrant for IT Risk Management Solutions (29 June 2017)
• Gartner Magic Quadrant for Business Continuity Management Planning Software, Worldwide (12 July 2017)
• Gartner Magic Quadrant for IT Vendor Risk Management (29 June 2017)
~$1B revenue
2,700+ employees
1,000+ technology partners
30+ years of cybersecurity expertise
15+ years of risk expertise
* bankrate.com
ARCHER AT A GLANCE
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
RSA ARCHER PUBLIC SECTOR ENABLEMENT
► 100+ Federal Agencies
► 17 States
► 10 Countries
► 12 Cities, Counties and Municipalities
► Use Cases Built to Support Government Requirements
RSA ARCHER GOVERNMENT USE CASES
• Certification & Accreditation / Assessment and Authorization
• Security Operations Center Efficiencies and Orchestration
• Continuous Monitoring
• Enterprise Security Incident Tracking and Management (Cyber and Physical)
• Cyber Security Visibility and Risk Management
• Department/Agency Operational Risk Management programs
• 3rd Party Supply Chain Management
• Business Resiliency
• Audit Management (internal and external)
• IT Portfolio Management
• Findings Management
• Top Down and Bottom Up Assessments and Datacalls
• Process Automation and Government Legacy Application Retirement
RSA ARCHER GRC MATURITY MODEL
Governance, Risk and Compliance (GRC) Maturity Model (Source: AMR Research)
Stages: “Comply” / “Improve” / “Transform”; from Tactical to Strategic; maturity varies by industry / geography
GRC attributes: Consistent, Transparent, Sustainable, Efficient
Step 1: Reacting (Panic)
• Get it done!
• Operate in isolation
• Marshal resources as necessary from wherever
Step 2: Anticipating (Coordination)
• Identify risks
• Assess exposure
• Prioritize actions
• Reuse technology components for multiple purposes
Step 3: Collaborating (Acceptance)
• Efficiency
• Automation
• See connections between multiple programs
• Plan future approach
Step 4: Orchestrating (Manage in unison)
• Set enterprise objectives
• Coordinate analysis and action
• Complete visibility to risk, exposure, performance
• Value proposition
Where most organizations see themselves today: between the tactical and strategic stages
RSA ARCHER’S RISK MANAGEMENT SUITE
RSA ARCHER AND CMS
▪ CMS has been an Archer customer since 2013
▪ Archer is being used to support CSCOUT
▪ Multiple Archer use cases are being leveraged by CMS:
− Assessment and Authorization
− Continuous Monitoring
− POA&M Management
− Security Operations
− Others (Risk and Audit Management)
DHS CDM PROGRAM OVERVIEW
What Exactly Is CDM?
▪ CDM = Continuous Diagnostics and Mitigation
▪ US Government risk management program based on the NIST Risk Management Framework (RMF)
What’s Its Purpose?
▪ Deploy a cyber risk monitoring and reporting structure across all US departments and agencies
▪ Speed remediation and improve the overall government cyber risk posture
DHS CDM CORE CONCEPTS
• Dashboard
• Risk Scoring
• Threat Awareness
• Policy Alerting
DHS CDM GOALS AND OBJECTIVES
• Establish a consistent, government-wide set of information security continuous monitoring tools to help protect .gov networks
• Enhance users’ ability to identify and respond to emerging cyber threats
• Increase visibility by reducing the time agencies need to understand their cyber risks from weeks and months to days and hours
• Provide dashboards, reports and risk metrics that improve situational awareness and help decision makers and operators identify and address “worst first” problems
CDM Phases – Strategic View
Technical Functional Areas (TFAs) define the scope of the CDM Program; CDM has 15 TFAs.
CDM Participants By Group (Task Order 2 Departments/Agencies)
Group A: DHS*
Group B: EOP, DOE*, DOI*, DOT, USDA*, VA*, OPM
Group C: DOC*, DOJ*, DOL*, State*, USAID
Group D: GSA, HHS*, NASA*, SSA, Treasury*, USPS
Group E: Education*, EPA, HUD*, NRC, NSF*, SBA
Group F: 40+ Non-CFO Act agencies
* Agencies that were in DO#1
DHS CDM GENERAL ARCHITECTURE
Architectural boundaries
▪ Zone A: Tools and Sensors
▪ Zone B: CMaaS Integration
▪ Zone C: Agency Dashboard
▪ Zone D: Federal Dashboard
Dashboard operates as a standardization driver
▪ Dashboard Provider focused on the Federal level
▪ CMaaS Provider focused on the Agency level
• Continuous Monitoring
• Plan of Action & Milestones (POA&Ms)
• Assessment & Authorization (A&A)
RSA ARCHER CDM USE CASES
RSA ARCHER PLATFORM
• Embedded reporting engine with the ability to create global and personal dashboards
• “Application Builder” to modify pre-built applications and build your own without coding
• Multiple options for data integration, including import, Data Feed Manager and API
• Common user experience, including branding, across your risk and compliance processes
• Robust access control at the Application, Record and Field level, and System Auditing
• Search engine across all data, enabling analytics and data visibility
• Advanced workflow capabilities with visual workflow builder and notifications
• Shared data model that crosses processes and builds business context for all risk and compliance processes
RSA ARCHER TECHNOLOGY AGNOSTIC
400+ COMPANIES, 1000+ SOLUTIONS and INTEGRATIONS
UNDERSTAND ASSETS WITH CONTEXT
VISUALIZE AGENCY CONFIGURATIONS RESULTS
REACT UPON AGENCY VULNERABILITIES
RISK DECISION WITH SUPPORT METRICS
RSA Archer Supports DHS CDM Requirements
• Cross organizational lines and mission boundaries for Collaboration
• Define and enforce ownership of resiliency through Accountability
• Automate processes for Efficiencies
• Consolidate data and enable risk Analytics & Visibility
RSA innovation & thought leadership
INSPIRE EVERYONE TO OWN RISK!
QUESTIONS?
THANK YOU!