TRANSCRIPT
1 @MatthewOBrienAU | #Know17
© 2017 ServiceNow All Rights Reserved
Matthew O'Brien, Senior Global Product Manager
Cybersecurity, DXC.technology
Simplify, Streamline and Empower Security with ISecOps
2 @MatthewOBrienAU | #Know17
What is Integrated Security Operations (ISecOps)?
Intelligence Driven, automated security incident and vulnerability management
Incident and Vulnerability Management Platform
Integrated Security Operations and Incident Response
PEOPLE PROCESS
TECHNOLOGY SERVICES
3 @MatthewOBrienAU | #Know17
Security teams are under pressure
• IT departments feel the squeeze but… budgets are under pressure and security is now a board-level issue
• The innovative adversary is increasingly sophisticated and, on average, goes undetected for 99 days [1]
• Security operations need maturity, speed & scale to move beyond real-time threat monitoring
• Regulatory pressures grow for industry and geography compliance requirements such as GDPR
• Widening skills gap makes it hard to attract, train, and retain security professionals, yet the demand for security talent is expected to increase by 53% in 2017 [2]
• Next generation threats such as ransomware or file-less, memory-based malware make it difficult to stay secure
• Device, cloud explosion is causing significant increases in the enterprise threat surface
• People are the weakest link and require awareness and training to protect against the 80% of attacks that target user access [3]
Sources: [1] Mandiant M-Trends 2017 Report; [2] US Bureau of Labor Statistics; [3] CyberArk Security Report 2015
4 @MatthewOBrienAU | #Know17
The Core Problem: Security Responders Are Overwhelmed
• SIEM
• APT
• EPS
• VUL
Security Analyst
What info do I need?
What systems have the info that I need?
What lookups do I need to run to derive 2nd level enrichment?
Have I seen this type of threat before?
Is it a threat attempting to go undetected?
Security Runbook knowledge
Multiple disparate solutions
Manual scripting and operational tasks
No historical threat intel tied to incidents or CIs
No context across asset, service type or user group
Slower Security Response
Security Alert
5 @MatthewOBrienAU | #Know17
Our Solution – iSecOps
ISecOps as a Service
Workflow Automation & Orchestration
Threat Intelligence
Security Incident Management
Vulnerability Management
IT Integration
Efficient Security Response
Streamline Remediation
Visualize Your Security Posture
Managed Security Services
ISecOps is a fully integrated platform for delivering enterprise security response services, providing enhanced vulnerability management, operational interlock, improved visibility and reduced time to manage and respond to security threats.
6 @MatthewOBrienAU | #Know17
Security Operations Overview
• ISecOps
• Security Incident Response (SIR) and Vulnerability Management
• User Portal and Security Self Service
• Executive Dashboard & Reporting
[Diagram labels: Portal; Service Desk; Monitoring; Vulnerability Scan; CMDB (HIGH VALUE CIs, LOW VALUE CIs); Security Incident Response (SIR); Vulnerability Management; Threat Intelligence; SIEM, EDR, Firewalls, IDS/IPS, Endpoint Protection; Vulnerability scanning; Threat Libraries; iSecOps Analysts; End Users; Basic Inventory; DXC ITAM Project]
7 @MatthewOBrienAU | #Know17
Solution – Demo Highlights
8 @MatthewOBrienAU | #Know17
Value Outcomes

Before: Multiple Tools, Multiple Processes
After: Integrated solution, clearly defined and automated workflow. Clear task assignment and responsibilities
Outcome: Improved Incident & Vulnerability Management Workflow

Before: Manual processes, No automation
After: Integrated tools, workflow automation and auto assignment. Faster response time to security threats
Outcome: Increased Automation

Before: Disparate sources of data, No single view
After: Centralized reporting across the enterprise. Visibility at the business unit and regional levels, aggregating to a global view
Outcome: Improved Visibility

Before: Teams focused on multiple items with uncertain priorities. Time spent on menial tasks
After: Teams focus on business outcome and priorities. Time is spent on more interesting security related activities
Outcome: Increased Employee Satisfaction

Before: Disparate systems of information. Multiple controls and intelligence sources
After: Integrated threat intelligence, vulnerability data, and security incident data in one location
Outcome: Improved Integration of information
9 @MatthewOBrienAU | #Know17
Want to see more?