1 / 5

Security Snapshot Assessment

What resources do we have to allocate? How do we assign remediation tasks? How do we automate patch deployments?. What assets do we have? What is running on those assets? What is our risk level? What are the high-risk areas? How does risk compare to our security policy?.

estherward
Télécharger la présentation

Security Snapshot Assessment

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. What resources do we have to allocate? • How do we assign remediation tasks? • How do we automate patch deployments? • What assets do we have? • What is running on those assets? • What is our risk level? • What are the high-risk areas? • How does risk compare to our security policy? • Have we achieved an acceptable level of security? • Are we compliant with our internal security policies? • What are the areas of non-compliance? Security Snapshot Assessment MaximizingReturn on Security Investment MaximizingReturn on Security Investment

  2. Configuration Management • The rising number of vulnerabilities demands a review of the processes and resources needed to effectively deal with increased exposure -- Source: CERT Data. • This rapid acceleration from vulnerability disclosure to widespread attacks represents today’s most critical network security risk

  3. Business Continuity • The integration of enterprise applications (ERP, SFA, Financials, Call Center, Help Desk, etc.) are creating complex business processes that require 24x7 availability • These business processes rely on network devices within an infrastructure • Servers, routers, switches, etc. • An attack on one network device can have ripple affects on a business process, shutting down services across a network, and crippling business continuity

  4. Regulatory Compliance • Many companies now face board-level inquiries into their security practices • Scope of compliance is now a business and technology issue • Security programs must be developed, implemented and maintained • Identify and assess the risks threatening customer data • Generate timely, accurate and actionable information about their exposures • Internal policies must be created, implemented and enforced • Identify which technologies, methods and people are most vulnerable • Have a consistent baseline of questions around standards, practices, configurations and vulnerabilities GLB

  5. Security Puzzle • Eliminate losses associated with events that can be identified and corrected • Accurately identify and fix network-wide vulnerabilities expeditiously • Ongoing, proactive network threat reduction • Reduce manhours required to correct issues • Executive level reporting / Verification of threat reduction process Security Policy Enforcement Security Snapshot Assessment Asset Inventory RemediationManagement Security Management ConfigurationManagement Post-Attack Forensics Business Continuity Host-level Threat Mitigation

More Related