DATA-CENTRIC SECURITY FRAMEWORK
Matt Bossom – Program Manager
What Keeps You Awake at Night
Compliance
Corporate Governance
Critical Infrastructure
Are there regulatory risks?
Do employees respect and adhere to internal policies and controls?
Are insiders creating vulnerabilities?
Are intruders gaining access and removing data?
Competitive Advantage
Are insiders putting the organization at risk?
Are you better able to protect your customers’ and partners’ data?
Data Loss is Expensive
• $204 per consumer record
• $600 billion in IP theft a year globally
• Across all industries, data loss is challenging
COST OF DATA BREACHES – AVERAGE TOTAL PER-INCIDENT COST ($ millions)
Year   2005   2006   2007   2008   2009
Cost   $4.54  $4.79  $6.35  $6.65  $6.75
Source: Ponemon Institute 5th Annual US Cost of Data Breach Study
COST OF DATA BREACHES – COST PER COMPROMISED RECORD
Year   2005   2006   2007   2008   2009
Cost   $138   $182   $197   $202   $204
Source: Ponemon Institute 5th Annual US Cost of Data Breach Study
Complexities
Where is the Data
“The big issue is knowing where the information is in the first place.” – John Geater
Bridging the gap between RCM and Data Protection
DLP PROJECTS ARE COMPLEX…
Data Identification → Actionable Auditing → Policy Design → Policy Implementation
Websense Data Discover
Websense Data Monitor
Quick Start Services
Policy Tuning Services
Deployment Services
Product Evaluation
How is my data used?
Where is my data going?
Is it violating my policies or external regulations?
How is it leaving?
Where is my data?
How much is there?
Is it at risk?
How do I enforce inline with business processes?
How do I extend policies across the network and to remote workers?
CHARACTERISTICS OF A SUCCESSFUL DLP PROGRAM
Executive level sponsorship and involvement to successfully protect data, change business processes and shape employee behavior
Cross-functional teams of business, legal and technical staff focused on a comprehensive program to reduce risk across the enterprise
A prioritized approach - confidential data has many forms and many locations - target the most critical data first
A trained Incident Response Team (IRT)
Clearly defined roles, responsibilities, and procedures
Employee education to enforce data protection policies
DLP Analysis
People
Who are your users?
Who are the data stakeholders?
Who should/should not use your data?
Data
What type of data do you have?
Where is your data located?
What is the value of your data?
Process
What communication channels are in use?
What are your data security policies?
What are good/bad data processes?
Accuvant: Complete Data Protection
Protection and Compliance
Phased deployment path to complete data protection
Block unauthorized devices
Encrypt laptops
Monitor and secure all data routes
Discover and Classify Data
Audit and Forensics
DLP RISK ASSESSMENT
• Architectural-level examination of the enterprise environment
• Assess current state of data security
• Focus on industry best practices and applicable regulations (e.g., PCI, HIPAA, GLBA, SOX)
• Identify potential enterprise risks and exposures
• Propose opportunities for improvement and mitigation
• Utilize DLP kit for data monitoring and analysis
Understand your organization’s current exposure to data loss and then design a DLP strategy
Control Framework
Policy and Awareness, Assessments, Audit
Treat Risks → Improve Controls → Automate Controls → Risk Assessment (continuous cycle)
Inputs: Partners/Customers, Regulations
World Class Expertise
Case Study – Fortune 500 Retailer
Business Need: Understand risks to the business with regard to credit card information residing on laptops across the company.
Solution: Accuvant found over 240,000 files containing credit card numbers; 70,000 sensitive files were identified and tagged
Delivered detailed findings report (e.g., end users had sensitive information sprawled throughout disk drives)
Reduced risk by having end users delete or encrypt the sensitive files identified
Implemented a new security education program
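The discovery step in this case study (sweeping laptop disks for credit card numbers and tagging the files that contain them) is the kind of thing a practitioner will want to see concretely. The following is an added example written for this page, not Accuvant's or Websense's tooling: it pairs a candidate-PAN regular expression with a Luhn check so that invoice and ticket numbers are not reported as cards, masks each hit before it is written to a report, and runs over a constructed in-memory set of files that stands in for real disks. The file paths, contents and the `PCI-CONFIDENTIAL` tag are all assumptions made up for the example.

```python
import re
from typing import Dict, List

# Constructed sample "files" (path -> content) standing in for laptop disk
# contents; a real sweep would walk the filesystem and read each file.
SAMPLE_FILES: Dict[str, str] = {
    "C:/Users/alice/Desktop/orders_q3.csv":
        "order,card\n1001,4111 1111 1111 1111\n1002,5500-0000-0000-0004\n",
    "C:/Users/bob/Documents/notes.txt":
        "Call vendor about invoice 1234567890123456 (ticket number, not a card)\n",
    "C:/Users/carol/Downloads/readme.txt":
        "Nothing sensitive here.\n",
}

# Candidate PAN: 13-19 digits, optionally separated by single spaces or
# hyphens, and not embedded in a longer run of digits.
PAN_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

SENSITIVE_TAG = "PCI-CONFIDENTIAL"  # assumed classification label


def luhn_ok(digits: str) -> bool:
    """Return True if the digit string passes the Luhn mod-10 check."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_pans(text: str) -> List[str]:
    """Return the normalised (digits-only) PANs found in text."""
    hits = []
    for m in PAN_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        # Luhn rejects most invoice/ticket numbers; all-same-digit runs
        # (e.g. 0000000000000000) pass Luhn but are never real cards.
        if luhn_ok(digits) and len(set(digits)) > 1:
            hits.append(digits)
    return hits


def mask_pan(pan: str) -> str:
    """Keep the first six and last four digits, as PCI DSS permits for display."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def scan_files(files: Dict[str, str]) -> Dict[str, dict]:
    """Scan each file and tag those containing at least one valid PAN."""
    findings = {}
    for path, content in files.items():
        pans = find_pans(content)
        if pans:
            findings[path] = {
                "tag": SENSITIVE_TAG,
                "pan_count": len(pans),
                "masked": [mask_pan(p) for p in pans],
            }
    return findings


def summarize(findings: Dict[str, dict]) -> Dict[str, int]:
    """Roll the per-file findings up into the totals a report would quote."""
    return {
        "files_with_pans": len(findings),
        "total_pans": sum(f["pan_count"] for f in findings.values()),
    }


if __name__ == "__main__":
    report = scan_files(SAMPLE_FILES)
    for path, info in report.items():
        print(f"{info['tag']}  {path}  {info['masked']}")
    print(summarize(report))
```

On the sample set only `orders_q3.csv` is tagged: the 16-digit invoice number in `notes.txt` matches the pattern but fails the Luhn check, which is exactly the false positive a regex-only scanner would have counted. Masking in `mask_pan` matters because the findings report itself becomes a sensitive file if it carries full card numbers.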
Case Study – Largest County in US
Business Need: Driven by compliance requirements associated with SB 1386 (Personally Identifiable Information, PII) and by a State of CA mandate tied specifically to Medi-Cal data
Solution: Accuvant assisted with the vendor evaluation and proof of concept
Data lifecycle management was performed to locate critical data assets and create sensitive data classification levels
Data discovery exercise was completed to identify unknown data stores and develop a data ownership matrix
Implemented a DLP solution with a phased approach, starting with the network, then endpoints, then data shares
WHY ACCUVANT TS SERVICES?
World Class Experience
- Mature, very well-rounded team
- Combining Information Security expertise with RCM focus
- Insight into multi-vendor solutions
- Industry known – authors and speakers
QUESTIONS?